
SUSE has issued a comprehensive set of security patches that address numerous vulnerabilities across its Linux distributions. The updates cover critical flaws in essential software such as the Linux kernel live patch, Python 3, Java 21 OpenJDK, and curl, alongside moderate fixes for applications including Thunderbird, Erlang, and OpenSSL 3. System administrators can mitigate risks involving privilege escalation, credential exposure, and remote service disruption by running the provided zypper or YaST commands on their SUSE Linux Enterprise or openSUSE Leap installations. Each advisory includes a detailed package list and targeted installation steps to help organizations quickly secure their environments against these newly disclosed threats.

SUSE-SU-2026:1700-1: important: Security update for PackageKit
SUSE-SU-2026:1705-1: important: Security update for java-21-openjdk
openSUSE-SU-2026:10685-1: moderate: libthrift-0_23_0-0.23.0-1.1 on GA media
openSUSE-SU-2026:10683-1: moderate: skim-4.6.1-1.1 on GA media
openSUSE-SU-2026:10682-1: moderate: rclone-1.74.0-1.1 on GA media
openSUSE-SU-2026:10687-1: moderate: MozillaThunderbird-140.10.1-1.1 on GA media
openSUSE-SU-2026:10681-1: moderate: python311-social-auth-core-4.8.7-1.1 on GA media
openSUSE-SU-2026:10678-1: moderate: liblxc-devel-7.0.0-1.1 on GA media
SUSE-SU-2026:1715-1: important: Security update for python3
SUSE-SU-2026:1711-1: moderate: Security update for openssl-3
SUSE-SU-2026:1714-1: important: Security update for erlang
SUSE-SU-2026:1723-1: moderate: Security update for openCryptoki
SUSE-SU-2026:1717-1: important: Security update for curl
SUSE-SU-2026:1718-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)




SUSE-SU-2026:1700-1: important: Security update for PackageKit


# Security update for PackageKit

Announcement ID: SUSE-SU-2026:1700-1
Release Date: 2026-05-06T07:42:37Z
Rating: important
References:

* bsc#1262220

Cross-References:

* CVE-2026-41651

CVSS scores:

* CVE-2026-41651 ( SUSE ): 9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for PackageKit fixes the following issue:

* CVE-2026-41651: race condition allows for arbitrary RPM package installation
as root and can lead to LPE (bsc#1262220).

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1700=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1700=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1700=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1700=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1700=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-1.2.4-150400.3.31.1
* PackageKit-backend-dnf-1.2.4-150400.3.31.1
* PackageKit-gtk3-module-1.2.4-150400.3.31.1
* typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1
* PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.31.1
* PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-1.2.4-150400.3.31.1
* PackageKit-debugsource-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1
* PackageKit-gstreamer-plugin-1.2.4-150400.3.31.1
* PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* PackageKit-debuginfo-1.2.4-150400.3.31.1
* openSUSE Leap 15.4 (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1
* PackageKit-branding-upstream-1.2.4-150400.3.31.1
* openSUSE Leap 15.4 (x86_64)
* libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-32bit-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-32bit-1.2.4-150400.3.31.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-64bit-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-64bit-1.2.4-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-1.2.4-150400.3.31.1
* typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1
* PackageKit-devel-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-1.2.4-150400.3.31.1
* PackageKit-debugsource-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* PackageKit-debuginfo-1.2.4-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-1.2.4-150400.3.31.1
* typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1
* PackageKit-devel-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-1.2.4-150400.3.31.1
* PackageKit-debugsource-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* PackageKit-debuginfo-1.2.4-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-1.2.4-150400.3.31.1
* typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1
* PackageKit-devel-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-1.2.4-150400.3.31.1
* PackageKit-debugsource-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* PackageKit-debuginfo-1.2.4-150400.3.31.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-devel-1.2.4-150400.3.31.1
* typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1
* PackageKit-devel-debuginfo-1.2.4-150400.3.31.1
* PackageKit-devel-1.2.4-150400.3.31.1
* PackageKit-debugsource-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* PackageKit-debuginfo-1.2.4-150400.3.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41651.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262220
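
To confirm that a host actually carries the fixed builds after running the patch command, the package list above can be compared with the installed inventory. The following is an added example, not part of SUSE's advisory: the inventory is constructed sample data in the shape of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` output, `examplepkg` is a made-up package, and the comparison is a simplified port of RPM's version ordering (no epoch or `^` handling).

```python
import re
from itertools import zip_longest

# Constructed sample: product headers plus N-V-R lines in the advisory's
# package-list format (fixed builds taken from the PackageKit list above).
ADVISORY_LINES = """\
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libpackagekit-glib2-18-1.2.4-150400.3.31.1
* PackageKit-1.2.4-150400.3.31.1
* PackageKit-backend-zypp-1.2.4-150400.3.31.1
* openSUSE Leap 15.4 (noarch)
* PackageKit-lang-1.2.4-150400.3.31.1
"""

# Constructed inventory of a hypothetical host ("name version-release" per line).
INSTALLED = """\
PackageKit 1.2.4-150400.3.28.1
PackageKit-backend-zypp 1.2.4-150400.3.31.1
libpackagekit-glib2-18 1.2.4-150400.3.31.2
examplepkg 1.0-1.1
"""


def rpmvercmp(a, b):
    """Compare two version (or release) strings the way RPM orders them.

    Simplified: digit runs compare numerically, letter runs lexically,
    a digit run beats a letter run, '~' sorts before anything (pre-release),
    and the string with segments left over is the newer one.
    Returns -1, 0 or 1.
    """
    ta = re.findall(r"[0-9]+|[A-Za-z]+|~", a)
    tb = re.findall(r"[0-9]+|[A-Za-z]+|~", b)
    for x, y in zip_longest(ta, tb):
        if x == y:
            continue
        if x == "~":
            return -1
        if y == "~":
            return 1
        if x is None:
            return -1
        if y is None:
            return 1
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return 0


def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, release as tie-break."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def parse_advisory(text):
    """Map package name -> fixed 'version-release' from advisory N-V-R lines."""
    fixed = {}
    for line in text.splitlines():
        item = line.lstrip("* ").strip()
        if not item or " " in item:
            continue  # product/architecture header, not a package
        parts = item.rsplit("-", 2)  # neither version nor release contains '-'
        if len(parts) != 3 or not parts[1][:1].isdigit():
            continue
        name, version, release = parts
        fixed[name] = f"{version}-{release}"
    return fixed


def audit(advisory_text, installed_text):
    """Return {package: 'fixed' | 'needs update'} for installed advisory packages."""
    fixed = parse_advisory(advisory_text)
    result = {}
    for line in installed_text.splitlines():
        name, _, evr = line.partition(" ")
        if name in fixed:
            ok = evr_cmp(evr.strip(), fixed[name]) >= 0
            result[name] = "fixed" if ok else "needs update"
    return result


if __name__ == "__main__":
    for pkg, state in sorted(audit(ADVISORY_LINES, INSTALLED).items()):
        print(f"{pkg}: {state}")
```

Packages named in the advisory but absent from the inventory are not reported, since an uninstalled package needs no update.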



SUSE-SU-2026:1705-1: important: Security update for java-21-openjdk


# Security update for java-21-openjdk

Announcement ID: SUSE-SU-2026:1705-1
Release Date: 2026-05-06T10:28:39Z
Rating: important
References:

* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:

* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:

* CVE-2026-22007 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves eight vulnerabilities and contains one feature can now be
installed.

## Description:

This update for java-21-openjdk fixes the following issues:

Update to upstream tag jdk-21.0.11+10 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the
infrastructure where java executes can gain unauthorized read access to a
subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via
multiple protocols can gain unauthorized access to critical data
(bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via
multiple protocols can gain unauthorized access to critical data
(bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via
multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS
can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the
`tt_var_load_item_variation_store` function allows for an out-of-bounds read
when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the
infrastructure where java executes can gain unauthorized read access to a
subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via
multiple protocols can cause a hang or frequently repeatable crash
(bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1705=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1705=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1705=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1705=1

## Package List:

* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* java-21-openjdk-devel-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-21.0.11.0-150600.3.26.1
* java-21-openjdk-21.0.11.0-150600.3.26.1
* java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
* java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* java-21-openjdk-devel-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-21.0.11.0-150600.3.26.1
* java-21-openjdk-21.0.11.0-150600.3.26.1
* java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
* java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* java-21-openjdk-devel-21.0.11.0-150600.3.26.1
* java-21-openjdk-jmods-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-21.0.11.0-150600.3.26.1
* java-21-openjdk-src-21.0.11.0-150600.3.26.1
* java-21-openjdk-21.0.11.0-150600.3.26.1
* java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
* java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* openSUSE Leap 15.6 (noarch)
* java-21-openjdk-javadoc-21.0.11.0-150600.3.26.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* java-21-openjdk-devel-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-21.0.11.0-150600.3.26.1
* java-21-openjdk-21.0.11.0-150600.3.26.1
* java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
* java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
* java-21-openjdk-demo-21.0.11.0-150600.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898



openSUSE-SU-2026:10685-1: moderate: libthrift-0_23_0-0.23.0-1.1 on GA media


# libthrift-0_23_0-0.23.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10685-1
Rating: moderate

Cross-References:

* CVE-2026-41602
* CVE-2026-41604
* CVE-2026-41605
* CVE-2026-41606
* CVE-2026-41607
* CVE-2026-41636

CVSS scores:

* CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41602 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-41604 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-41604 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-41605 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-41605 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-41606 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-41606 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-41607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-41607 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-41636 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41636 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libthrift-0_23_0-0.23.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libthrift-0_23_0 0.23.0-1.1
* libthrift-devel 0.23.0-1.1
* libthrift_c_glib0 0.23.0-1.1
* libthriftnb-0_23_0 0.23.0-1.1
* libthriftz-0_23_0 0.23.0-1.1
* perl-thrift 0.23.0-1.1
* python311-thrift 0.23.0-1.1
* python313-thrift 0.23.0-1.1
* python314-thrift 0.23.0-1.1
* thrift 0.23.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41602.html
* https://www.suse.com/security/cve/CVE-2026-41604.html
* https://www.suse.com/security/cve/CVE-2026-41605.html
* https://www.suse.com/security/cve/CVE-2026-41606.html
* https://www.suse.com/security/cve/CVE-2026-41607.html
* https://www.suse.com/security/cve/CVE-2026-41636.html



openSUSE-SU-2026:10683-1: moderate: skim-4.6.1-1.1 on GA media


# skim-4.6.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10683-1
Rating: moderate

Cross-References:

* CVE-2026-41414

CVSS scores:

* CVE-2026-41414 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the skim-4.6.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* skim 4.6.1-1.1
* skim-bash-completion 4.6.1-1.1
* skim-zsh-completion 4.6.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41414.html



openSUSE-SU-2026:10682-1: moderate: rclone-1.74.0-1.1 on GA media


# rclone-1.74.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10682-1
Rating: moderate

Cross-References:

* CVE-2026-32952
* CVE-2026-33813

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the rclone-1.74.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rclone 1.74.0-1.1
* rclone-bash-completion 1.74.0-1.1
* rclone-zsh-completion 1.74.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32952.html
* https://www.suse.com/security/cve/CVE-2026-33813.html



openSUSE-SU-2026:10687-1: moderate: MozillaThunderbird-140.10.1-1.1 on GA media


# MozillaThunderbird-140.10.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10687-1
Rating: moderate

Cross-References:

* CVE-2026-7320
* CVE-2026-7321
* CVE-2026-7322
* CVE-2026-7323

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaThunderbird-140.10.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* MozillaThunderbird 140.10.1-1.1
* MozillaThunderbird-openpgp-librnp 140.10.1-1.1
* MozillaThunderbird-translations-common 140.10.1-1.1
* MozillaThunderbird-translations-other 140.10.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-7320.html
* https://www.suse.com/security/cve/CVE-2026-7321.html
* https://www.suse.com/security/cve/CVE-2026-7322.html
* https://www.suse.com/security/cve/CVE-2026-7323.html



openSUSE-SU-2026:10681-1: moderate: python311-social-auth-core-4.8.7-1.1 on GA media


# python311-social-auth-core-4.8.7-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10681-1
Rating: moderate

Cross-References:

* CVE-2026-32597

CVSS scores:

* CVE-2026-32597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-32597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-social-auth-core-4.8.7-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-social-auth-core 4.8.7-1.1
* python313-social-auth-core 4.8.7-1.1
* python314-social-auth-core 4.8.7-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32597.html



openSUSE-SU-2026:10678-1: moderate: liblxc-devel-7.0.0-1.1 on GA media


# liblxc-devel-7.0.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10678-1
Rating: moderate

Cross-References:

* CVE-2026-39402

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the liblxc-devel-7.0.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* liblxc-devel 7.0.0-1.1
* liblxc1 7.0.0-1.1
* lxc 7.0.0-1.1
* lxc-bash-completion 7.0.0-1.1
* lxc-ja-doc 7.0.0-1.1
* lxc-ko-doc 7.0.0-1.1
* pam_cgfs 7.0.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39402.html



SUSE-SU-2026:1715-1: important: Security update for python3


# Security update for python3

Announcement ID: SUSE-SU-2026:1715-1
Release Date: 2026-05-06T12:10:39Z
Rating: important
References:

* bsc#1259611
* bsc#1259734
* bsc#1259735
* bsc#1259989
* bsc#1260026
* bsc#1261969
* bsc#1261970
* bsc#1262098
* bsc#1262319
* bsc#1262654

Cross-References:

* CVE-2025-13462
* CVE-2026-1502
* CVE-2026-3446
* CVE-2026-3479
* CVE-2026-3644
* CVE-2026-4224
* CVE-2026-4519
* CVE-2026-4786
* CVE-2026-6019
* CVE-2026-6100

CVSS scores:

* CVE-2025-13462 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-13462 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-13462 ( NVD ): 2.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-1502 ( SUSE ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1502 ( NVD ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3446 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-3446 ( NVD ): 6.0
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3479 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3479 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-3479 ( NVD ): 0.0
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3644 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3644 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-3644 ( NVD ): 6.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4224 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-4224 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-4224 ( NVD ): 6.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4519 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N
* CVE-2026-4519 ( SUSE ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
* CVE-2026-4519 ( NVD ): 7.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4519 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2026-4786 ( SUSE ): 7.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-4786 ( NVD ): 7.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 2.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6019 ( NVD ): 2.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6100 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6100 ( NVD ): 9.1
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP7
* Development Tools Module 15-SP7
* openSUSE Leap 15.3
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for python3 fixes the following issues:

* CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type
AREGTYPE are combined can lead to misinterpretation of tar archives
(bsc#1259611).
* CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF
(bsc#1261969).
* CVE-2026-3446: base64 decoding stops at first padded quad by default and
ignores other information that could be processed (bsc#1261970).
* CVE-2026-3479: improper resource argument validation in `pkgutil.get_data()`
can lead to path traversal (bsc#1259989).
* CVE-2026-3644: incomplete control character validation in http.cookies can
lead to input validation bypass (bsc#1259734).
* CVE-2026-4224: parsing XML with deeply nested DTD content models can lead to
C stack overflow (bsc#1259735).
* CVE-2026-4519: failure to sanitize leading dashes in URLs in the
`webbrowser.open()` API can lead to web browser command line option
injection (bsc#1260026).
* CVE-2026-4786: URLs prefixed with `%action` can pass the dash-prefix safety
check and allow for command injection (bsc#1262319).
* CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in
cookie values embedded in JS (bsc#1262654).
* CVE-2026-6100: use-after-free in `lzma.LZMADecompressor`,
`bz2.BZ2Decompressor`, and `gzip.GzipFile` when process is under memory
pressure (bsc#1262098).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-1715=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-1715=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1715=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1715=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1715=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1715=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-1715=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1715=1

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1715=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1715=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1715=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1715=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1715=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1715=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1715=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1715=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1715=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1715=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1715=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1715=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1715=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python3-base-3.6.15-150300.10.118.1
* python3-testsuite-debuginfo-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-3.6.15-150300.10.118.1
* python3-doc-devhelp-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-doc-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-testsuite-3.6.15-150300.10.118.1
* openSUSE Leap 15.3 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.118.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.118.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* libpython3_6m1_0-64bit-3.6.15-150300.10.118.1
* libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.118.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python3-base-3.6.15-150300.10.118.1
* python3-testsuite-debuginfo-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-3.6.15-150300.10.118.1
* python3-doc-devhelp-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-doc-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-testsuite-3.6.15-150300.10.118.1
* openSUSE Leap 15.6 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.118.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* python3-tools-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-idle-3.6.15-150300.10.118.1
* python3-dbm-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* python3-curses-3.6.15-150300.10.118.1
* python3-tools-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-dbm-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* python3-tk-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-curses-debuginfo-3.6.15-150300.10.118.1
* python3-devel-debuginfo-3.6.15-150300.10.118.1
* python3-devel-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* python3-tk-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.118.1
* python3-base-debuginfo-3.6.15-150300.10.118.1
* python3-base-3.6.15-150300.10.118.1
* python3-debuginfo-3.6.15-150300.10.118.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1
* python3-debugsource-3.6.15-150300.10.118.1
* libpython3_6m1_0-3.6.15-150300.10.118.1
* python3-core-debugsource-3.6.15-150300.10.118.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13462.html
* https://www.suse.com/security/cve/CVE-2026-1502.html
* https://www.suse.com/security/cve/CVE-2026-3446.html
* https://www.suse.com/security/cve/CVE-2026-3479.html
* https://www.suse.com/security/cve/CVE-2026-3644.html
* https://www.suse.com/security/cve/CVE-2026-4224.html
* https://www.suse.com/security/cve/CVE-2026-4519.html
* https://www.suse.com/security/cve/CVE-2026-4786.html
* https://www.suse.com/security/cve/CVE-2026-6019.html
* https://www.suse.com/security/cve/CVE-2026-6100.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259611
* https://bugzilla.suse.com/show_bug.cgi?id=1259734
* https://bugzilla.suse.com/show_bug.cgi?id=1259735
* https://bugzilla.suse.com/show_bug.cgi?id=1259989
* https://bugzilla.suse.com/show_bug.cgi?id=1260026
* https://bugzilla.suse.com/show_bug.cgi?id=1261969
* https://bugzilla.suse.com/show_bug.cgi?id=1261970
* https://bugzilla.suse.com/show_bug.cgi?id=1262098
* https://bugzilla.suse.com/show_bug.cgi?id=1262319
* https://bugzilla.suse.com/show_bug.cgi?id=1262654



SUSE-SU-2026:1711-1: moderate: Security update for openssl-3


# Security update for openssl-3

Announcement ID: SUSE-SU-2026:1711-1
Release Date: 2026-05-06T12:04:48Z
Rating: moderate
References:

* bsc#1261678

Cross-References:

* CVE-2026-28390

CVSS scores:

* CVE-2026-28390 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issue:

* CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS
EnvelopedData message with KeyTransportRecipientInfo (bsc#1261678).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-1711=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1711=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1711=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1711=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1711=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl3-3.0.8-150500.5.63.1
* libopenssl3-debuginfo-3.0.8-150500.5.63.1
* libopenssl-3-devel-3.0.8-150500.5.63.1
* openssl-3-3.0.8-150500.5.63.1
* openssl-3-debugsource-3.0.8-150500.5.63.1
* openssl-3-debuginfo-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (x86_64)
* libopenssl3-32bit-debuginfo-3.0.8-150500.5.63.1
* libopenssl3-32bit-3.0.8-150500.5.63.1
* libopenssl-3-devel-32bit-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (noarch)
* openssl-3-doc-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libopenssl3-64bit-3.0.8-150500.5.63.1
* libopenssl-3-devel-64bit-3.0.8-150500.5.63.1
* libopenssl3-64bit-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* libopenssl3-3.0.8-150500.5.63.1
* libopenssl3-debuginfo-3.0.8-150500.5.63.1
* libopenssl-3-devel-3.0.8-150500.5.63.1
* openssl-3-3.0.8-150500.5.63.1
* openssl-3-debugsource-3.0.8-150500.5.63.1
* openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* libopenssl3-3.0.8-150500.5.63.1
* libopenssl3-debuginfo-3.0.8-150500.5.63.1
* libopenssl-3-devel-3.0.8-150500.5.63.1
* openssl-3-3.0.8-150500.5.63.1
* openssl-3-debugsource-3.0.8-150500.5.63.1
* openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libopenssl3-3.0.8-150500.5.63.1
* libopenssl3-debuginfo-3.0.8-150500.5.63.1
* libopenssl-3-devel-3.0.8-150500.5.63.1
* openssl-3-3.0.8-150500.5.63.1
* openssl-3-debugsource-3.0.8-150500.5.63.1
* openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libopenssl3-3.0.8-150500.5.63.1
* libopenssl3-debuginfo-3.0.8-150500.5.63.1
* libopenssl-3-devel-3.0.8-150500.5.63.1
* openssl-3-3.0.8-150500.5.63.1
* openssl-3-debugsource-3.0.8-150500.5.63.1
* openssl-3-debuginfo-3.0.8-150500.5.63.1

## References:

* https://www.suse.com/security/cve/CVE-2026-28390.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261678



SUSE-SU-2026:1714-1: important: Security update for erlang


# Security update for erlang

Announcement ID: SUSE-SU-2026:1714-1
Release Date: 2026-05-06T12:08:16Z
Rating: important
References:

* bsc#1258663
* bsc#1259681
* bsc#1259682
* bsc#1259687
* bsc#1261728

Cross-References:

* CVE-2026-21620
* CVE-2026-23941
* CVE-2026-23942
* CVE-2026-23943
* CVE-2026-28808

CVSS scores:

* CVE-2026-21620 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-21620 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-21620 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23941 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23941 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-23941 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23942 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23942 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-23942 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23943 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23943 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23943 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-28808 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28808 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-28808 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-28808 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* Server Applications Module 15-SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves five vulnerabilities can now be installed.

## Description:

This update for erlang fixes the following issues:

* CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal
(bsc#1258663).
* CVE-2026-23941: HTTP Request Smuggling in Erlang OTP (bsc#1259687).
* CVE-2026-23942: path traversal vulnerability in Erlang OTP (bsc#1259681).
* CVE-2026-23943: denial of service due to improper handling of highly
compressed data in Erlang OTP ssh (bsc#1259682).
* CVE-2026-28808: incorrect authorization can lead to unauthenticated access
to protected CGI scripts (bsc#1261728).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-1714=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1714=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1714=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1714=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1714=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1714=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1714=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1714=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1714=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1714=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1714=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1714=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* erlang-debugger-23.3.4.19-150300.3.32.1
* erlang-reltool-23.3.4.19-150300.3.32.1
* erlang-jinterface-23.3.4.19-150300.3.32.1
* erlang-dialyzer-debuginfo-23.3.4.19-150300.3.32.1
* erlang-jinterface-src-23.3.4.19-150300.3.32.1
* erlang-reltool-src-23.3.4.19-150300.3.32.1
* erlang-diameter-src-23.3.4.19-150300.3.32.1
* erlang-et-23.3.4.19-150300.3.32.1
* erlang-src-23.3.4.19-150300.3.32.1
* erlang-diameter-23.3.4.19-150300.3.32.1
* erlang-observer-src-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* erlang-doc-23.3.4.19-150300.3.32.1
* erlang-wx-debuginfo-23.3.4.19-150300.3.32.1
* erlang-observer-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-et-src-23.3.4.19-150300.3.32.1
* erlang-wx-23.3.4.19-150300.3.32.1
* erlang-wx-src-23.3.4.19-150300.3.32.1
* erlang-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-dialyzer-23.3.4.19-150300.3.32.1
* erlang-debugger-src-23.3.4.19-150300.3.32.1
* erlang-dialyzer-src-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* erlang-23.3.4.19-150300.3.32.1
* erlang-epmd-23.3.4.19-150300.3.32.1
* erlang-debugsource-23.3.4.19-150300.3.32.1
* erlang-debuginfo-23.3.4.19-150300.3.32.1
* erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21620.html
* https://www.suse.com/security/cve/CVE-2026-23941.html
* https://www.suse.com/security/cve/CVE-2026-23942.html
* https://www.suse.com/security/cve/CVE-2026-23943.html
* https://www.suse.com/security/cve/CVE-2026-28808.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258663
* https://bugzilla.suse.com/show_bug.cgi?id=1259681
* https://bugzilla.suse.com/show_bug.cgi?id=1259682
* https://bugzilla.suse.com/show_bug.cgi?id=1259687
* https://bugzilla.suse.com/show_bug.cgi?id=1261728



SUSE-SU-2026:1723-1: moderate: Security update for openCryptoki


# Security update for openCryptoki

Announcement ID: SUSE-SU-2026:1723-1
Release Date: 2026-05-06T14:57:31Z
Rating: moderate
References:

* bsc#1263819

Cross-References:

* CVE-2026-40253

CVSS scores:

* CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for openCryptoki fixes the following issues:

* CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic
objects (bsc#1263819)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-1723=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-1723=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* openCryptoki-devel-debuginfo-3.23.0-150500.3.18.1
* openCryptoki-3.23.0-150500.3.18.1
* openCryptoki-debuginfo-3.23.0-150500.3.18.1
* openCryptoki-debugsource-3.23.0-150500.3.18.1
* openCryptoki-devel-3.23.0-150500.3.18.1
* openSUSE Leap 15.5 (i586)
* openCryptoki-32bit-debuginfo-3.23.0-150500.3.18.1
* openCryptoki-32bit-3.23.0-150500.3.18.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* openCryptoki-64bit-3.23.0-150500.3.18.1
* openCryptoki-64bit-debuginfo-3.23.0-150500.3.18.1
* SUSE Linux Enterprise Micro 5.5 (s390x)
* openCryptoki-debuginfo-3.23.0-150500.3.18.1
* openCryptoki-3.23.0-150500.3.18.1
* openCryptoki-debugsource-3.23.0-150500.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40253.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263819



SUSE-SU-2026:1717-1: important: Security update for curl


# Security update for curl

Announcement ID: SUSE-SU-2026:1717-1
Release Date: 2026-05-06T12:14:02Z
Rating: important
References:

* bsc#1259362
* bsc#1262631
* bsc#1262632
* bsc#1262635
* bsc#1262636
* bsc#1262638

Cross-References:

* CVE-2026-1965
* CVE-2026-4873
* CVE-2026-5545
* CVE-2026-6253
* CVE-2026-6276
* CVE-2026-6429

CVSS scores:

* CVE-2026-1965 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2026-1965 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-1965 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-4873 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-4873 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-5545 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-5545 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-6253 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6253 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-6276 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6276 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-6429 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6429 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves six vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

Security issues fixed:

* CVE-2026-4873: connection reuse ignores TLS requirement (bsc#1262631).
* CVE-2026-5545: wrong reuse of HTTP Negotiate connection (bsc#1262632).
* CVE-2026-6253: proxy credentials leak over redirect-to proxy (bsc#1262635).
* CVE-2026-6276: stale custom cookie host causes cookie leak (bsc#1262636).
* CVE-2026-6429: netrc credential leak with reused proxy connection
(bsc#1262638).

Other updates and bugfixes:

* sws: prevent "connection monitor" to say disconnect twice (bsc#1259362).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1

* SUSE Linux Enterprise Server 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1 SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1717=1

* SUSE Linux Enterprise Desktop 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1717=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1717=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1717=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1717=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-1717=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1717=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1717=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1717=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1717=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1717=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1717=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1717=1 SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1717=1

* SUSE Linux Enterprise High Performance Computing 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* SUSE Linux Enterprise Server 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* SUSE Linux Enterprise Desktop 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libcurl-devel-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libcurl-devel-8.14.1-150400.5.83.1
* curl-mini-debugsource-8.14.1-150400.5.83.1
* libcurl4-8.14.1-150400.5.83.1
* curl-debugsource-8.14.1-150400.5.83.1
* curl-debuginfo-8.14.1-150400.5.83.1
* libcurl-mini4-debuginfo-8.14.1-150400.5.83.1
* libcurl-mini4-8.14.1-150400.5.83.1
* libcurl4-debuginfo-8.14.1-150400.5.83.1
* curl-8.14.1-150400.5.83.1
* openSUSE Leap 15.4 (noarch)
* curl-zsh-completion-8.14.1-150400.5.83.1
* curl-fish-completion-8.14.1-150400.5.83.1
* libcurl-devel-doc-8.14.1-150400.5.83.1
* openSUSE Leap 15.4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
* libcurl4-32bit-8.14.1-150400.5.83.1
* libcurl-devel-32bit-8.14.1-150400.5.83.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libcurl4-64bit-8.14.1-150400.5.83.1
* libcurl-devel-64bit-8.14.1-150400.5.83.1
* libcurl4-64bit-debuginfo-8.14.1-150400.5.83.1
* SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libcurl4-8.14.1-150400.5.83.1
* SUSE Manager Proxy 4.3 (x86_64)
* libcurl4-8.14.1-150400.5.83.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1965.html
* https://www.suse.com/security/cve/CVE-2026-4873.html
* https://www.suse.com/security/cve/CVE-2026-5545.html
* https://www.suse.com/security/cve/CVE-2026-6253.html
* https://www.suse.com/security/cve/CVE-2026-6276.html
* https://www.suse.com/security/cve/CVE-2026-6429.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259362
* https://bugzilla.suse.com/show_bug.cgi?id=1262631
* https://bugzilla.suse.com/show_bug.cgi?id=1262632
* https://bugzilla.suse.com/show_bug.cgi?id=1262635
* https://bugzilla.suse.com/show_bug.cgi?id=1262636
* https://bugzilla.suse.com/show_bug.cgi?id=1262638



SUSE-SU-2026:1718-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)


# Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

Announcement ID: SUSE-SU-2026:1718-1
Release Date: 2026-05-06T12:33:52Z
Rating: important
References:

* bsc#1252048
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes
various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed
allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI
(bsc#1252048).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful()
(bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
(bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1718=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1718=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-18-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-18-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689