
SUSE has rolled out a fresh batch of security patches for openSUSE Leap, Tumbleweed, and several SLE releases to address dozens of newly discovered flaws. These updates target essential tools like Mozilla Firefox, nginx, Python, and busybox by closing dangerous gaps that could lead to remote code execution or system crashes. System administrators need to run zypper patch or use YaST right away since many of the fixed issues carry high severity ratings and involve tricky memory corruption bugs. Keeping these packages current remains a straightforward way to block attackers from exploiting known weaknesses before they cause real damage.

openSUSE-SU-2026:20792-1: moderate: Security update for perl-HTTP-Tiny
openSUSE-SU-2026:20788-1: important: Security update for mcphost
openSUSE-SU-2026:20789-1: important: Security update for MozillaFirefox
openSUSE-SU-2026:20781-1: important: Security update for assimp
openSUSE-SU-2026:20784-1: important: Security update for nginx
openSUSE-SU-2026:20786-1: moderate: Security update for GraphicsMagick
openSUSE-SU-2026:20778-1: important: Security update for gnutls
openSUSE-SU-2026:20783-1: moderate: Security update for leancrypto
openSUSE-SU-2026:20787-1: important: Security update for libsndfile
openSUSE-SU-2026:10854-1: moderate: perl-XML-LibXML-2.0212-1.1 on GA media
openSUSE-SU-2026:10856-1: moderate: rclone-1.74.2-1.1 on GA media
openSUSE-SU-2026:10857-1: moderate: rsync-3.4.3-1.1 on GA media
openSUSE-SU-2026:10851-1: moderate: nano-9.0-2.1 on GA media
openSUSE-SU-2026:10849-1: moderate: azure-storage-azcopy-10.32.2-3.1 on GA media
openSUSE-SU-2026:10853-1: moderate: libppsdocument4_0-6-50.1-2.1 on GA media
openSUSE-SU-2026:10848-1: moderate: amazon-ecs-init-1.103.0-2.1 on GA media
openSUSE-SU-2026:10852-1: moderate: nginx-1.31.1-1.1 on GA media
openSUSE-SU-2026:10855-1: moderate: python311-ocrmypdf-17.4.2-1.1 on GA media
SUSE-SU-2026:2053-1: important: Security update for busybox
SUSE-SU-2026:2050-1: important: Security update for nginx
SUSE-SU-2026:2051-1: important: Security update for xz
SUSE-SU-2026:2055-1: important: Security update for python312




openSUSE-SU-2026:20792-1: moderate: Security update for perl-HTTP-Tiny


openSUSE security update: security update for perl-http-tiny
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20792-1
Rating: moderate
References:

* bsc#1264992

Cross-References:

* CVE-2026-7010

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for perl-HTTP-Tiny fixes the following issues:

Changes in perl-HTTP-Tiny:

- updated to 0.094
0.094
- No changes from 0.093-TRIAL
0.093
- fix to prevent invalid characters in all headers, and prevent header
smuggling (CVE-2026-7010) bsc#1264992

- updated to 0.092
0.092
- No changes from 0.091-TRIAL
0.091
[ADDED]
- Added keep_alive_timeout to force keepalive connections to be closed
based on a timeout.
[CHANGED]
- Optional tests are always required when releasing.
- Always use TCP_NODELAY option.
[FIXED]
- Fixed test incorrectly testing cookie jar interactions multiple times.
- Fixed perl version comparisons to work when not starting with 5.
- Fixed link to LIMITATIONS in documentation.

- updated to 0.090
0.090
- No changes from 0.089-TRIAL
0.089
[CHANGED]
- Find the certificate bundle via IO::Socket::SSL rather than implementing
it in HTTP::Tiny.
- When encoding form data, given a hashref with an arrayref value,
preserve the order of the values in the arrayref rather than sorting.
[DOCS]
- Fixed internal link to "TLS/SSL SUPPORT" section

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-267=1

Package List:

- openSUSE Leap 16.0:

perl-HTTP-Tiny-0.094-bp160.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-7010.html



openSUSE-SU-2026:20788-1: important: Security update for mcphost


openSUSE security update: security update for mcphost
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20788-1
Rating: important
References:

* bsc#1253952
* bsc#1260224
* bsc#1264759
* bsc#1264762
* bsc#1265274
* bsc#1265275

Cross-References:

* CVE-2025-30153
* CVE-2025-47913
* CVE-2025-47914
* CVE-2025-58181
* CVE-2026-32285
* CVE-2026-33186

CVSS scores:

* CVE-2025-30153 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-32285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32285 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 6 vulnerabilities and has 6 bug fixes can now be installed.

Description:

This update for mcphost fixes the following issues

- CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data
Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762).
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in
response to a key listing or (bsc#1265274).
- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non-validated message size can cause a panic due to an out of bounds
read (bsc#1265275).
- CVE-2025-58181: golang.org/x/crypto/ssh: unvalidated number of mechanisms can cause unbounded memory consumption
(bsc#1253952).
- CVE-2026-32285: github.com/buger/jsonparser: denial of service via malformed JSON input (bsc#1264759).
- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path
pseudo-header (bsc#1260224).

Changes for mcphost:

- Updated to version 0.34.0
* Features:
- Upgrade charmbracelet libs to v2 (bubbletea, lipgloss, bubbles)
- Add Google Vertex AI support for Claude models
- Add new models.
* Fixes:
- Eliminate escape sequence leak from spinner tea.Program instances.
- Fix anthropic api issue.
- Convert JSON Schema draft-07 exclusive bounds to draft-04 format.
* Upgrade all dependencies to latest versions, resolve security issues
and to obtain Go 1.26 compatibility.

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-794=1

Package List:

- openSUSE Leap 16.0:

mcphost-0.34.0-160000.1.1
mcphost-bash-completion-0.34.0-160000.1.1
mcphost-fish-completion-0.34.0-160000.1.1
mcphost-zsh-completion-0.34.0-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2025-30153.html
* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://www.suse.com/security/cve/CVE-2025-47914.html
* https://www.suse.com/security/cve/CVE-2025-58181.html
* https://www.suse.com/security/cve/CVE-2026-32285.html
* https://www.suse.com/security/cve/CVE-2026-33186.html



openSUSE-SU-2026:20789-1: important: Security update for MozillaFirefox


openSUSE security update: security update for mozillafirefox
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20789-1
Rating: important
References:

* bsc#1265212

Cross-References:

* CVE-2026-8388
* CVE-2026-8391
* CVE-2026-8401
* CVE-2026-8946
* CVE-2026-8947
* CVE-2026-8949
* CVE-2026-8950
* CVE-2026-8953
* CVE-2026-8954
* CVE-2026-8955
* CVE-2026-8956
* CVE-2026-8957
* CVE-2026-8958
* CVE-2026-8959
* CVE-2026-8961
* CVE-2026-8962
* CVE-2026-8968
* CVE-2026-8970
* CVE-2026-8974
* CVE-2026-8975

CVSS scores:

* CVE-2026-8401 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-8946 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8947 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8949 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8950 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-8953 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2026-8954 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
* CVE-2026-8955 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8956 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8957 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8958 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2026-8959 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2026-8961 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2026-8962 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-8968 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-8970 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8974 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8975 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 20 vulnerabilities and has one bug fix can now be installed.

Description:

This update for MozillaFirefox fixes the following issues

- Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-48 (bsc#1265212).

MFSA 2026-48:

- CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component.
- CVE-2026-8391: Other issue in the JavaScript Engine component.
- CVE-2026-8401: Sandbox escape in the Profile Backup component.
- CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component.
- CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component.
- CVE-2026-8949: Integer overflow in the Widget: Win32 component.
- CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component.
- CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component.
- CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component.
- CVE-2026-8955: Privilege escalation in the DOM: Workers component.
- CVE-2026-8956: Integer overflow in the Networking: JAR component.
- CVE-2026-8957: Privilege escalation in the Enterprise Policies component.
- CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component.
- CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component.
- CVE-2026-8961: Spoofing issue in the Form Autofill component.
- CVE-2026-8962: Mitigation bypass in the DOM: Security component.
- CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component.
- CVE-2026-8970: Privilege escalation in the Security component.
- CVE-2026-8974: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151.
- CVE-2026-8975: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151.

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-795=1

Package List:

- openSUSE Leap 16.0:

MozillaFirefox-140.11.0-160000.1.1
MozillaFirefox-branding-upstream-140.11.0-160000.1.1
MozillaFirefox-devel-140.11.0-160000.1.1
MozillaFirefox-translations-common-140.11.0-160000.1.1
MozillaFirefox-translations-other-140.11.0-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-8388.html
* https://www.suse.com/security/cve/CVE-2026-8391.html
* https://www.suse.com/security/cve/CVE-2026-8401.html
* https://www.suse.com/security/cve/CVE-2026-8946.html
* https://www.suse.com/security/cve/CVE-2026-8947.html
* https://www.suse.com/security/cve/CVE-2026-8949.html
* https://www.suse.com/security/cve/CVE-2026-8950.html
* https://www.suse.com/security/cve/CVE-2026-8953.html
* https://www.suse.com/security/cve/CVE-2026-8954.html
* https://www.suse.com/security/cve/CVE-2026-8955.html
* https://www.suse.com/security/cve/CVE-2026-8956.html
* https://www.suse.com/security/cve/CVE-2026-8957.html
* https://www.suse.com/security/cve/CVE-2026-8958.html
* https://www.suse.com/security/cve/CVE-2026-8959.html
* https://www.suse.com/security/cve/CVE-2026-8961.html
* https://www.suse.com/security/cve/CVE-2026-8962.html
* https://www.suse.com/security/cve/CVE-2026-8968.html
* https://www.suse.com/security/cve/CVE-2026-8970.html
* https://www.suse.com/security/cve/CVE-2026-8974.html
* https://www.suse.com/security/cve/CVE-2026-8975.html



openSUSE-SU-2026:20781-1: important: Security update for assimp


openSUSE security update: security update for assimp
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20781-1
Rating: important
References:

* bsc#1239220
* bsc#1239916
* bsc#1239920
* bsc#1240412
* bsc#1241367

Cross-References:

* CVE-2025-2151
* CVE-2025-2591
* CVE-2025-2592
* CVE-2025-3015
* CVE-2025-3548

CVSS scores:

* CVE-2025-2151 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-2591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-2591 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-2592 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-2592 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-3015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-3015 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-3548 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Description:

This update for assimp fixes the following issues

- CVE-2025-2151: vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h (bsc#1239220).
- CVE-2025-2591: division by zero in code/AssetLib/MDL/MDLLoader.cpp (bsc#1239920).
- CVE-2025-2592: heap-based buffer overflow in Assimp::CSMImporter::InternReadFile of code/AssetLib/CSM/CSMLoader.cpp
(bsc#1239916).
- CVE-2025-3015: manipulation of the argument mIndices leads to out-of-bounds read (bsc#1240412).
- CVE-2025-3548: processing of malformed files may lead to an out-of-bounds read and potential application crash
(bsc#1241367).

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-787=1

Package List:

- openSUSE Leap 16.0:

assimp-devel-5.4.3-160000.3.1
libassimp5-5.4.3-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2025-2151.html
* https://www.suse.com/security/cve/CVE-2025-2591.html
* https://www.suse.com/security/cve/CVE-2025-2592.html
* https://www.suse.com/security/cve/CVE-2025-3015.html
* https://www.suse.com/security/cve/CVE-2025-3548.html



openSUSE-SU-2026:20784-1: important: Security update for nginx


openSUSE security update: security update for nginx
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20784-1
Rating: important
References:

* bsc#1257675
* bsc#1260416
* bsc#1260417
* bsc#1260418
* bsc#1260419

Cross-References:

* CVE-2026-1642
* CVE-2026-27654
* CVE-2026-27784
* CVE-2026-28753
* CVE-2026-28755

CVSS scores:

* CVE-2026-1642 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1642 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-27654 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-27654 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-27784 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-27784 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28753 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-28753 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-28755 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-28755 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Description:

This update for nginx fixes the following issues:

- CVE-2026-1642: plain text data injection into the response from an upstream proxied server (bsc#1257675).
- CVE-2026-27654: buffer overflow in the NGINX worker process via the `ngx_http_dav_module` module (bsc#1260416).
- CVE-2026-27784: NGINX worker memory over-read or over-write via a specially crafted MP4 file (bsc#1260417).
- CVE-2026-28753: improper handling of CRLF sequences in CRLF responses allows for arbitrary header injection into SMTP
upstream requests (bsc#1260418).
- CVE-2026-28755: TLS handshakes can succeed with revoked certificates due to improper handling of such certificates by
the `ngx_stream_ssl_module` module (bsc#1260419).

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-790=1

Package List:

- openSUSE Leap 16.0:

nginx-1.27.2-160000.3.1
nginx-source-1.27.2-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2026-1642.html
* https://www.suse.com/security/cve/CVE-2026-27654.html
* https://www.suse.com/security/cve/CVE-2026-27784.html
* https://www.suse.com/security/cve/CVE-2026-28753.html
* https://www.suse.com/security/cve/CVE-2026-28755.html



openSUSE-SU-2026:20786-1: moderate: Security update for GraphicsMagick


openSUSE security update: security update for graphicsmagick
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20786-1
Rating: moderate
References:

* bsc#1265048

Cross-References:

* CVE-2026-42050

CVSS scores:

* CVE-2026-42050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for GraphicsMagick fixes the following issue

- CVE-2026-42050: Stack buffer overflow in XTileImage (bsc#1265048).

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-792=1

Package List:

- openSUSE Leap 16.0:

GraphicsMagick-1.3.45-160000.6.1
GraphicsMagick-devel-1.3.45-160000.6.1
libGraphicsMagick++-Q16-12-1.3.45-160000.6.1
libGraphicsMagick++-devel-1.3.45-160000.6.1
libGraphicsMagick-Q16-3-1.3.45-160000.6.1
libGraphicsMagick3-config-1.3.45-160000.6.1
libGraphicsMagickWand-Q16-2-1.3.45-160000.6.1
perl-GraphicsMagick-1.3.45-160000.6.1

References:

* https://www.suse.com/security/cve/CVE-2026-42050.html



openSUSE-SU-2026:20778-1: important: Security update for gnutls


openSUSE security update: security update for gnutls
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20778-1
Rating: important
References:

* bsc#1263704
* bsc#1263705
* bsc#1263706
* bsc#1263707
* bsc#1263708
* bsc#1263709
* bsc#1263710
* bsc#1263711
* bsc#1263712
* bsc#1263713
* bsc#1263714
* bsc#1263715
* bsc#1263716

Cross-References:

* CVE-2026-33845
* CVE-2026-33846
* CVE-2026-3832
* CVE-2026-3833
* CVE-2026-42009
* CVE-2026-42010
* CVE-2026-42011
* CVE-2026-42012
* CVE-2026-42013
* CVE-2026-42014
* CVE-2026-42015
* CVE-2026-5260
* CVE-2026-5419

CVSS scores:

* CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-33845 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33846 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-3833 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-3833 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-42009 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42009 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42010 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
* CVE-2026-42010 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-42011 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-42011 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-42013 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-42013 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-42014 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-42014 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-42015 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2026-42015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-5260 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-5260 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-5419 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-5419 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 13 vulnerabilities and has 13 bug fixes can now be installed.

Description:

This update for gnutls fixes the following issues

- CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass (bsc#1263706).
- CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707).
- CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715).
- CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716).
- CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704).
- CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705).
- CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708).
- CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709).
- CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).
- CVE-2026-42012: x509/hostname-verify: make URI/SRV SAN preclude CN fallback (bsc#1263711).
- CVE-2026-42013: x509: prevent fallback on oversized SAN (bsc#1263712).
- CVE-2026-42014: pkcs11_write: fix UAF and leak in gnutls_pkcs11_token_set_pin (bsc#1263713).
- CVE-2026-42015: x509/pkcs12_bag: fix off-by-one in bag element bounds check (bsc#1263714).

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-776=1

Package List:

- openSUSE Leap 16.0:

gnutls-3.8.10-160000.3.1
libgnutls-devel-3.8.10-160000.3.1
libgnutls-devel-doc-3.8.10-160000.3.1
libgnutls30-3.8.10-160000.3.1
libgnutlsxx-devel-3.8.10-160000.3.1
libgnutlsxx30-3.8.10-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2026-33845.html
* https://www.suse.com/security/cve/CVE-2026-33846.html
* https://www.suse.com/security/cve/CVE-2026-3832.html
* https://www.suse.com/security/cve/CVE-2026-3833.html
* https://www.suse.com/security/cve/CVE-2026-42009.html
* https://www.suse.com/security/cve/CVE-2026-42010.html
* https://www.suse.com/security/cve/CVE-2026-42011.html
* https://www.suse.com/security/cve/CVE-2026-42012.html
* https://www.suse.com/security/cve/CVE-2026-42013.html
* https://www.suse.com/security/cve/CVE-2026-42014.html
* https://www.suse.com/security/cve/CVE-2026-42015.html
* https://www.suse.com/security/cve/CVE-2026-5260.html
* https://www.suse.com/security/cve/CVE-2026-5419.html



openSUSE-SU-2026:20783-1: moderate: Security update for leancrypto


openSUSE security update: security update for leancrypto
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20783-1
Rating: moderate
References:

* bsc#1253654
* bsc#1254370
* bsc#1261382
* bsc#1262399

Cross-References:

* CVE-2026-34610

CVSS scores:

* CVE-2026-34610 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has 4 bug fixes can now be installed.

Description:

This update for leancrypto fixes the following issues

Security issue:

- CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant
cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to uint8_t when
stori (bsc#1261382).

Non security issues:

- gnutls Illegal instruction lc_kyber_768_kem_dec_selftest (bsc#1253654).
- gnutls: test pqc-hybrid-kx fails on Nehalem or older CPU (bsc#1254370).

Changes for leancrypto:

- Calculate the FIPS HMAC for the leancrypto and the leancrypto-fips
libraries. (bsc#1262399)
- Fix build on kernel 7.0
- Pick fix for ABI issue in AVX2 assembly for Curve448 causing
test failures when building with GCC 16.
- Update to 1.7.2:
* Fix RDSEED counter
* Process code by AI code checkers and apply suggested cosmetic fixes
* Heap memory: always munlock all mlock'ed memory
* Fix ChaCha20 on Apple compiled with XCode 26.4
* Fix a potential crasher with Base64 and applied various fixes reported
* Add X.509 certificate signing request (CSR) generator and parser
* ML-DSA: add lc_dilithium_pk_from_sk API to derive the PK from a given SK
* SLH-DSA: add lc_sphincs_pk_from_sk API to derive the PK from a given SK
* ML-KEM: add lc_kyber_pk_from_sk API to derive the PK from a given SK
* AES-CT: fix non-aligned data processing - reported
* Apply suggestions from Claude code
* X.509: Enforce path length restriction
- Update to 1.7.1
* Offer a means to select the AES-C constant time / S-Box implementation via
lc_init API
* use the AES-C constant time implementation by default - it is about 3 times
slower than the AES-C S-Box implementation, but more secure. As the
leancrypto library is about secure by default, the CT implementation is
just right. Furthermore, if a caller wants to have the faster AES-C S-Box,
he can call lc_init(LC_INIT_AES_SBOX) at the beginning.
* FIPS: mark only seeded DRBG instances as FIPS-approved
* ASN.1: add lc_x509_cert_check_issuer_ca convenience function
* Enable side-channel-resistant AES implementation (and thus enable
respective Timecop tests)
* Fix some side channel test failures (all failures are due to test case
issues, and no real problems)
* AARCH64: enable GCS support
* Add PKCS#8 support for ML-DSA following RFC9881 including full support for
the seed or full keys. The change adds OpenSSL interoperability testing as
well. NOTE: The raw on-disk private key format that is generated with
lc_x509_generate --create-keypair changed to comply with RFC9881.
* Add PKCS#8 support for SLH-DSA. The change adds OpenSSL interoperability
testing as well. NOTE: The raw on-disk private key format that is generated
with lc_x509_generate --create-keypair changed to dump the raw key instead
of wrapping it into a BIT STRING to comply with OpenSSL's format.
* Provide full PKCS#7 interoperability with OpenSSL: OpenSSL artificially
orders the parsing of the authenticated attributes. This implies that the
message digest part of the authenticated attributes is parsed as last
entry. This ordering is important for the signature generation and
verification. Furthermore, for ML-DSA/SLH-DSA, the authenticated attributes
are signed with the pure algorithm instead of the pre-hashed operation as
suggested by RFC5652 section 9.2.
* ML-KEM/DSA: add safety measures against compilers trying to reason about
code they should not reason about. Derived from
https://github.com/pq-code-package/ml[dsa|kem]-native/
* ML-DSA: reduce amount of duplicate code compilation suggested
* ML-DSA: fix bug in poly_uniform which, however, is unlikely to be triggered
* ChaCha20: fix crasher when assembler support is not compiled
* Add AES constant time C implementation accessible with the lc_aes_*ct
references. Yet, it is about 3 times slower than the default C
implementation. Thus it is only provided if somebody truly relies on a
constant time implementation.
- Fix bsc#1254370, bsc#1253654 - AVX detection is wrong on older intel CPUs
- Update to 1.6.0:
* ASN.1: use stack for small generator for small use cases
* X.509: Updates required to support the shim boot loader
* X.509: add lc_gmtime to convert Epoch to time format
* ASN.1: added to Linux kernel (for 64 bit systems only)
* Added AES-GCM and AES-XTS
* Availability: remove assert() calls throughout the code - in case of a self
test error, disable the algorithm. Instead of using assert, apply a centrally
managed test manager that stores the test status. This implies that some
initialization APIs like lc_hash_init, lc_sym_init, lc_hmac_init are changed
such that they return an error code if self tests failed. Thus, the version
is now changed as this is considered to be an ABI change. Although this
sounds heavy, the test manager is relatively small and the runtime state
should be smaller than the old approach considering the old approach uses one
global 32 bit integer per self test to maintain the state. This is now
replaced with a set of 32 bit atomic integers that hold a 3-bit field for
each algorithm. This change also adds the API call of lc_rerun_one_selftest
which allows triggering the rerunning of a self test for one given algorithm.
* FIPS: Rearchitect integrity test control value generator: The build process now
uses the host's objcopy to extract the ELF sections of interest into a separate
file, use a build_machine compiled version of sha3-256sum to generate the
digest of it and reinsert it into the leancrypto-fips.so. This now allows
cross-compilation with FIPS integrity test support. There is no functional
change to leancrypto though.
* Significant reduction of compilation units by almost half by not having
global, but per-test compiled C files.
* Linux kernel: add /proc/leancrypto
* FIPS: Add negative testing support
* Add SHAKE-512 and XDRBG-512 support
* FIPS: Add FIPS indicator which implies that libleancrypto.so has the same
functionality as libleancrypto-fips.so with the exception that the latter
performs an integrity test.
* ARMv9: fix BTI for ML-DSA
- Don't strip debug symbols
- Add Linux kernel module spec file

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-789=1

Package List:

- openSUSE Leap 16.0:

leancrypto-devel-1.7.2-160000.1.1
leancrypto-devel-static-1.7.2-160000.1.1
leancrypto-kmp-64kb-1.7.2_k6.12.0_160000.32-160000.1.1
leancrypto-kmp-default-1.7.2_k6.12.0_160000.32-160000.1.1
leancrypto-tools-1.7.2-160000.1.1
libleancrypto-fips1-1.7.2-160000.1.1
libleancrypto1-1.7.2-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-34610.html



openSUSE-SU-2026:20787-1: important: Security update for libsndfile


openSUSE security update: security update for libsndfile
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20787-1
Rating: important
References:

* bsc#1248458
* bsc#1256702
* bsc#1263695

Cross-References:

* CVE-2025-52194
* CVE-2025-56226
* CVE-2026-37555

CVSS scores:

* CVE-2025-52194 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-52194 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-56226 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-56226 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-37555 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-37555 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 3 vulnerabilities and has 3 bug fixes can now be installed.

Description:

This update for libsndfile fixes the following issues:

- CVE-2025-52194: buffer overflow in the ircam_read_header function of file src/ircam.c when processing malformed IRCAM
audio files (bsc#1248458).
- CVE-2025-56226: memory leak in the `mpeg_l3_encoder_init()` function of `mpeg_l3_encode.c` (bsc#1256702).
- CVE-2026-37555: IMA-ADPCM integer overflow (bsc#1263695).

Changes for libsndfile:

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-793=1

Package List:

- openSUSE Leap 16.0:

libsndfile-devel-1.2.2-160000.4.1
libsndfile-progs-1.2.2-160000.4.1
libsndfile1-1.2.2-160000.4.1

References:

* https://www.suse.com/security/cve/CVE-2025-52194.html
* https://www.suse.com/security/cve/CVE-2025-56226.html
* https://www.suse.com/security/cve/CVE-2026-37555.html



openSUSE-SU-2026:10854-1: moderate: perl-XML-LibXML-2.0212-1.1 on GA media


# perl-XML-LibXML-2.0212-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10854-1
Rating: moderate

Cross-References:

* CVE-2026-8177

CVSS scores:

* CVE-2026-8177 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the perl-XML-LibXML-2.0212-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* perl-XML-LibXML 2.0212-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-8177.html



openSUSE-SU-2026:10856-1: moderate: rclone-1.74.2-1.1 on GA media


# rclone-1.74.2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10856-1
Rating: moderate

Cross-References:

* CVE-2026-25680
* CVE-2026-25681
* CVE-2026-27136
* CVE-2026-33809
* CVE-2026-39821
* CVE-2026-39824
* CVE-2026-39827
* CVE-2026-39828
* CVE-2026-39829
* CVE-2026-39830
* CVE-2026-39831
* CVE-2026-39832
* CVE-2026-39833
* CVE-2026-39834
* CVE-2026-39835
* CVE-2026-42500
* CVE-2026-42502
* CVE-2026-42506
* CVE-2026-42508
* CVE-2026-44740
* CVE-2026-46595
* CVE-2026-46597
* CVE-2026-46598

CVSS scores:

* CVE-2026-39827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
* CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 23 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the rclone-1.74.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rclone 1.74.2-1.1
* rclone-bash-completion 1.74.2-1.1
* rclone-zsh-completion 1.74.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html
* https://www.suse.com/security/cve/CVE-2026-27136.html
* https://www.suse.com/security/cve/CVE-2026-33809.html
* https://www.suse.com/security/cve/CVE-2026-39821.html
* https://www.suse.com/security/cve/CVE-2026-39824.html
* https://www.suse.com/security/cve/CVE-2026-39827.html
* https://www.suse.com/security/cve/CVE-2026-39828.html
* https://www.suse.com/security/cve/CVE-2026-39829.html
* https://www.suse.com/security/cve/CVE-2026-39830.html
* https://www.suse.com/security/cve/CVE-2026-39831.html
* https://www.suse.com/security/cve/CVE-2026-39832.html
* https://www.suse.com/security/cve/CVE-2026-39833.html
* https://www.suse.com/security/cve/CVE-2026-39834.html
* https://www.suse.com/security/cve/CVE-2026-39835.html
* https://www.suse.com/security/cve/CVE-2026-42500.html
* https://www.suse.com/security/cve/CVE-2026-42502.html
* https://www.suse.com/security/cve/CVE-2026-42506.html
* https://www.suse.com/security/cve/CVE-2026-42508.html
* https://www.suse.com/security/cve/CVE-2026-44740.html
* https://www.suse.com/security/cve/CVE-2026-46595.html
* https://www.suse.com/security/cve/CVE-2026-46597.html
* https://www.suse.com/security/cve/CVE-2026-46598.html



openSUSE-SU-2026:10857-1: moderate: rsync-3.4.3-1.1 on GA media


# rsync-3.4.3-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10857-1
Rating: moderate

Cross-References:

* CVE-2026-29518
* CVE-2026-43617
* CVE-2026-43618
* CVE-2026-43619
* CVE-2026-43620
* CVE-2026-45232

CVSS scores:

* CVE-2026-29518 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-29518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43617 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-43617 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43618 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-43618 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43619 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-43619 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43620 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-43620 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45232 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-45232 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the rsync-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rsync 3.4.3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-29518.html
* https://www.suse.com/security/cve/CVE-2026-43617.html
* https://www.suse.com/security/cve/CVE-2026-43618.html
* https://www.suse.com/security/cve/CVE-2026-43619.html
* https://www.suse.com/security/cve/CVE-2026-43620.html
* https://www.suse.com/security/cve/CVE-2026-45232.html



openSUSE-SU-2026:10851-1: moderate: nano-9.0-2.1 on GA media


# nano-9.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10851-1
Rating: moderate

Cross-References:

* CVE-2026-6842
* CVE-2026-6843

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the nano-9.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* nano 9.0-2.1
* nano-lang 9.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-6842.html
* https://www.suse.com/security/cve/CVE-2026-6843.html



openSUSE-SU-2026:10849-1: moderate: azure-storage-azcopy-10.32.2-3.1 on GA media


# azure-storage-azcopy-10.32.2-3.1 on GA media

Announcement ID: openSUSE-SU-2026:10849-1
Rating: moderate

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the azure-storage-azcopy-10.32.2-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* azure-storage-azcopy 10.32.2-3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html



openSUSE-SU-2026:10853-1: moderate: libppsdocument4_0-6-50.1-2.1 on GA media


# libppsdocument4_0-6-50.1-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10853-1
Rating: moderate

Cross-References:

* CVE-2026-46529

CVSS scores:

* CVE-2026-46529 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-46529 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libppsdocument4_0-6-50.1-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libppsdocument4_0-6 50.1-2.1
* libppsview4_0-5 50.1-2.1
* nautilus-extension-papers 50.1-2.1
* papers 50.1-2.1
* papers-devel 50.1-2.1
* papers-lang 50.1-2.1
* papers-plugin-comicsdocument 50.1-2.1
* papers-plugin-djvudocument 50.1-2.1
* papers-plugin-pdfdocument 50.1-2.1
* papers-plugin-tiffdocument 50.1-2.1
* typelib-1_0-PapersDocument-4_0 50.1-2.1
* typelib-1_0-PapersView-4_0 50.1-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-46529.html



openSUSE-SU-2026:10848-1: moderate: amazon-ecs-init-1.103.0-2.1 on GA media


# amazon-ecs-init-1.103.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10848-1
Rating: moderate

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the amazon-ecs-init-1.103.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* amazon-ecs-init 1.103.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html



openSUSE-SU-2026:10852-1: moderate: nginx-1.31.1-1.1 on GA media


# nginx-1.31.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10852-1
Rating: moderate

Cross-References:

* CVE-2026-9256

CVSS scores:

* CVE-2026-9256 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-9256 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the nginx-1.31.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* nginx 1.31.1-1.1
* nginx-source 1.31.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-9256.html



openSUSE-SU-2026:10855-1: moderate: python311-ocrmypdf-17.4.2-1.1 on GA media


# python311-ocrmypdf-17.4.2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10855-1
Rating: moderate

Cross-References:

* CVE-2023-43115

CVSS scores:

* CVE-2023-43115 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-ocrmypdf-17.4.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-ocrmypdf 17.4.2-1.1
* python313-ocrmypdf 17.4.2-1.1
* python314-ocrmypdf 17.4.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2023-43115.html



SUSE-SU-2026:2053-1: important: Security update for busybox


# Security update for busybox

Announcement ID: SUSE-SU-2026:2053-1
Release Date: 2026-05-25T14:01:54Z
Rating: important
References:

* bsc#1263989

Cross-References:

* CVE-2026-29004

CVSS scores:

* CVE-2026-29004 ( SUSE ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-29004 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2026-29004 ( NVD ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-29004 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for busybox fixes the following issue:

* CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6 client
(udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c
(bsc#1263989).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  `zypper in -t patch SUSE-2026-2053=1`

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2053=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2053=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2053=1`

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2053=1`

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2053=1`

* SUSE Linux Enterprise Server 15 SP5 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2053=1`

## Package List:

* openSUSE Leap 15.5 (noarch)
* busybox-hexedit-1.37.0-150500.7.13.1
* busybox-links-1.37.0-150500.7.13.1
* busybox-iproute2-1.37.0-150500.7.13.1
* busybox-coreutils-1.37.0-150500.7.13.1
* busybox-less-1.37.0-150500.7.13.1
* busybox-gawk-1.37.0-150500.7.13.1
* busybox-misc-1.37.0-150500.7.13.1
* busybox-man-1.37.0-150500.7.13.1
* busybox-sha3sum-1.37.0-150500.7.13.1
* busybox-tunctl-1.37.0-150500.7.13.1
* busybox-whois-1.37.0-150500.7.13.1
* busybox-sh-1.37.0-150500.7.13.1
* busybox-unzip-1.37.0-150500.7.13.1
* busybox-iputils-1.37.0-150500.7.13.1
* busybox-net-tools-1.37.0-150500.7.13.1
* busybox-vi-1.37.0-150500.7.13.1
* busybox-netcat-1.37.0-150500.7.13.1
* busybox-kmod-1.37.0-150500.7.13.1
* busybox-xz-1.37.0-150500.7.13.1
* busybox-psmisc-1.37.0-150500.7.13.1
* busybox-telnet-1.37.0-150500.7.13.1
* busybox-cpio-1.37.0-150500.7.13.1
* busybox-bind-utils-1.37.0-150500.7.13.1
* busybox-procps-1.37.0-150500.7.13.1
* busybox-sysvinit-tools-1.37.0-150500.7.13.1
* busybox-util-linux-1.37.0-150500.7.13.1
* busybox-hostname-1.37.0-150500.7.13.1
* busybox-which-1.37.0-150500.7.13.1
* busybox-sendmail-1.37.0-150500.7.13.1
* busybox-udhcpc-1.37.0-150500.7.13.1
* busybox-vlan-1.37.0-150500.7.13.1
* busybox-tftp-1.37.0-150500.7.13.1
* busybox-syslogd-1.37.0-150500.7.13.1
* busybox-bc-1.37.0-150500.7.13.1
* busybox-dos2unix-1.37.0-150500.7.13.1
* busybox-time-1.37.0-150500.7.13.1
* busybox-sharutils-1.37.0-150500.7.13.1
* busybox-sed-1.37.0-150500.7.13.1
* busybox-traceroute-1.37.0-150500.7.13.1
* busybox-ncurses-utils-1.37.0-150500.7.13.1
* busybox-diffutils-1.37.0-150500.7.13.1
* busybox-tar-1.37.0-150500.7.13.1
* busybox-wget-1.37.0-150500.7.13.1
* busybox-bzip2-1.37.0-150500.7.13.1
* busybox-grep-1.37.0-150500.7.13.1
* busybox-attr-1.37.0-150500.7.13.1
* busybox-adduser-1.37.0-150500.7.13.1
* busybox-selinux-tools-1.37.0-150500.7.13.1
* busybox-ed-1.37.0-150500.7.13.1
* busybox-findutils-1.37.0-150500.7.13.1
* busybox-gzip-1.37.0-150500.7.13.1
* busybox-policycoreutils-1.37.0-150500.7.13.1
* busybox-patch-1.37.0-150500.7.13.1
* busybox-kbd-1.37.0-150500.7.13.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* busybox-testsuite-1.37.0-150500.10.20.1
* busybox-static-debuginfo-1.37.0-150500.10.20.1
* busybox-debugsource-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* busybox-static-1.37.0-150500.10.20.1
* busybox-debuginfo-1.37.0-150500.10.20.1
* openSUSE Leap 15.5 (aarch64 x86_64 i586)
* busybox-warewulf3-debuginfo-1.37.0-150500.10.20.1
* busybox-warewulf3-1.37.0-150500.10.20.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* busybox-static-1.37.0-150500.10.20.1
* busybox-1.37.0-150500.10.20.1

## References:

* https://www.suse.com/security/cve/CVE-2026-29004.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263989



SUSE-SU-2026:2050-1: important: Security update for nginx


# Security update for nginx

Announcement ID: SUSE-SU-2026:2050-1
Release Date: 2026-05-25T13:58:45Z
Rating: important
References:

* bsc#1260415
* bsc#1260420
* bsc#1265229
* bsc#1265231
* bsc#1265232
* bsc#1265233

Cross-References:

* CVE-2026-27651
* CVE-2026-32647
* CVE-2026-40701
* CVE-2026-42934
* CVE-2026-42945
* CVE-2026-42946

CVSS scores:

* CVE-2026-27651 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-27651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-27651 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-27651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32647 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-32647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-32647 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-32647 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-40701 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-40701 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-40701 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-40701 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-42934 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-42934 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-42934 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-42934 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-42945 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42945 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-42945 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-42945 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-42946 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-42946 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
* CVE-2026-42946 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-42946 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves six vulnerabilities can now be installed.

## Description:

This update for nginx fixes the following issues:

* CVE-2026-27651: denial of service via undisclosed requests when the
`ngx_mail_auth_http_module` is enabled (bsc#1260415).
* CVE-2026-32647: NGINX worker memory over-read or over-write via a specially
crafted MP4 file (bsc#1260420).
* CVE-2026-40701: heap use-after-free in the worker process when the
`ssl_verify_client` and `ssl_ocsp` directives are set, due to an issue in
the `ngx_http_ssl_module` module (bsc#1265229).
* CVE-2026-42934: heap buffer overread in the worker process due to an issue in
the `ngx_http_charset_module` module (bsc#1265231).
* CVE-2026-42945: heap buffer overflow via crafted HTTP requests due to an issue
in `ngx_http_rewrite_module` (bsc#1265232).
* CVE-2026-42946: excessive memory allocation and data overread due to an issue
in the `ngx_http_scgi_module` and `ngx_http_uwsgi_module` modules
(bsc#1265233).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2050=1`

* Server Applications Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2050=1`

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2050=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2050=1`

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* nginx-debuginfo-1.21.5-150600.10.18.1
* nginx-1.21.5-150600.10.18.1
* nginx-debugsource-1.21.5-150600.10.18.1
* openSUSE Leap 15.6 (noarch)
* nginx-source-1.21.5-150600.10.18.1
* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* nginx-debuginfo-1.21.5-150600.10.18.1
* nginx-1.21.5-150600.10.18.1
* nginx-debugsource-1.21.5-150600.10.18.1
* Server Applications Module 15-SP7 (noarch)
* nginx-source-1.21.5-150600.10.18.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* nginx-debuginfo-1.21.5-150600.10.18.1
* nginx-1.21.5-150600.10.18.1
* nginx-debugsource-1.21.5-150600.10.18.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* nginx-source-1.21.5-150600.10.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* nginx-debuginfo-1.21.5-150600.10.18.1
* nginx-1.21.5-150600.10.18.1
* nginx-debugsource-1.21.5-150600.10.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* nginx-source-1.21.5-150600.10.18.1

## References:

* https://www.suse.com/security/cve/CVE-2026-27651.html
* https://www.suse.com/security/cve/CVE-2026-32647.html
* https://www.suse.com/security/cve/CVE-2026-40701.html
* https://www.suse.com/security/cve/CVE-2026-42934.html
* https://www.suse.com/security/cve/CVE-2026-42945.html
* https://www.suse.com/security/cve/CVE-2026-42946.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260415
* https://bugzilla.suse.com/show_bug.cgi?id=1260420
* https://bugzilla.suse.com/show_bug.cgi?id=1265229
* https://bugzilla.suse.com/show_bug.cgi?id=1265231
* https://bugzilla.suse.com/show_bug.cgi?id=1265232
* https://bugzilla.suse.com/show_bug.cgi?id=1265233



SUSE-SU-2026:2051-1: important: Security update for xz


# Security update for xz

Announcement ID: SUSE-SU-2026:2051-1
Release Date: 2026-05-25T13:59:52Z
Rating: important
References:

* bsc#1261280

Cross-References:

* CVE-2026-34743

CVSS scores:

* CVE-2026-34743 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34743 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-34743 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-34743 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for xz fixes the following issue:

* CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2051=1`

* Basesystem Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2051=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2051=1`

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2051=1`

## Package List:

* openSUSE Leap 15.6 (x86_64)
  * xz-devel-32bit-5.4.1-150600.3.6.1
  * liblzma5-32bit-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-32bit-5.4.1-150600.3.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * xz-static-devel-5.4.1-150600.3.6.1
  * xz-debugsource-5.4.1-150600.3.6.1
  * xz-debuginfo-5.4.1-150600.3.6.1
  * xz-devel-5.4.1-150600.3.6.1
  * xz-5.4.1-150600.3.6.1
  * liblzma5-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-5.4.1-150600.3.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * xz-devel-64bit-5.4.1-150600.3.6.1
  * liblzma5-64bit-5.4.1-150600.3.6.1
  * liblzma5-64bit-debuginfo-5.4.1-150600.3.6.1
* openSUSE Leap 15.6 (noarch)
  * xz-lang-5.4.1-150600.3.6.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * xz-static-devel-5.4.1-150600.3.6.1
  * xz-debugsource-5.4.1-150600.3.6.1
  * xz-debuginfo-5.4.1-150600.3.6.1
  * xz-devel-5.4.1-150600.3.6.1
  * xz-5.4.1-150600.3.6.1
  * liblzma5-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-5.4.1-150600.3.6.1
* Basesystem Module 15-SP7 (noarch)
  * xz-lang-5.4.1-150600.3.6.1
* Basesystem Module 15-SP7 (x86_64)
  * liblzma5-32bit-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-32bit-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * xz-static-devel-5.4.1-150600.3.6.1
  * xz-debugsource-5.4.1-150600.3.6.1
  * xz-debuginfo-5.4.1-150600.3.6.1
  * xz-devel-5.4.1-150600.3.6.1
  * xz-5.4.1-150600.3.6.1
  * liblzma5-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * xz-lang-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
  * liblzma5-32bit-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-32bit-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * xz-static-devel-5.4.1-150600.3.6.1
  * xz-debugsource-5.4.1-150600.3.6.1
  * xz-debuginfo-5.4.1-150600.3.6.1
  * xz-devel-5.4.1-150600.3.6.1
  * xz-5.4.1-150600.3.6.1
  * liblzma5-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * xz-lang-5.4.1-150600.3.6.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
  * liblzma5-32bit-debuginfo-5.4.1-150600.3.6.1
  * liblzma5-32bit-5.4.1-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34743.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261280



SUSE-SU-2026:2055-1: important: Security update for python312


# Security update for python312

Announcement ID: SUSE-SU-2026:2055-1
Release Date: 2026-05-25T14:02:53Z
Rating: important
References:

* bsc#1261969
* bsc#1262098
* bsc#1262319
* bsc#1262654

Cross-References:

* CVE-2026-1502
* CVE-2026-4786
* CVE-2026-6019
* CVE-2026-6100

CVSS scores:

* CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1502 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4786 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-4786 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6019 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6100 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for python312 fixes the following issues:

* CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969).
* CVE-2026-4786: Incomplete mitigation of `%action` expansion for command injection to `webbrowser.open()` (bsc#1262319).
* CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in cookie values embedded in JS (bsc#1262654).
* CVE-2026-6100: Arbitrary code execution or information disclosure via use-after-free in decompression modules (bsc#1262098).

## Patch Instructions:

To install this SUSE update, use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively, you can run the command listed for your product:

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2055=1`

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2055=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2055=1`

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-dbm-3.12.13-150600.3.59.1
  * libpython3_12-1_0-3.12.13-150600.3.59.1
  * python312-testsuite-3.12.13-150600.3.59.1
  * libpython3_12-1_0-debuginfo-3.12.13-150600.3.59.1
  * python312-tools-3.12.13-150600.3.59.1
  * python312-curses-3.12.13-150600.3.59.1
  * python312-debuginfo-3.12.13-150600.3.59.1
  * python312-testsuite-debuginfo-3.12.13-150600.3.59.1
  * python312-debugsource-3.12.13-150600.3.59.1
  * python312-devel-3.12.13-150600.3.59.1
  * python312-tk-3.12.13-150600.3.59.1
  * python312-core-debugsource-3.12.13-150600.3.59.1
  * python312-tk-debuginfo-3.12.13-150600.3.59.1
  * python312-base-3.12.13-150600.3.59.1
  * python312-curses-debuginfo-3.12.13-150600.3.59.1
  * python312-doc-3.12.13-150600.3.59.1
  * python312-base-debuginfo-3.12.13-150600.3.59.1
  * python312-dbm-debuginfo-3.12.13-150600.3.59.1
  * python312-idle-3.12.13-150600.3.59.1
  * python312-doc-devhelp-3.12.13-150600.3.59.1
  * python312-3.12.13-150600.3.59.1
* openSUSE Leap 15.6 (x86_64)
  * python312-32bit-debuginfo-3.12.13-150600.3.59.1
  * python312-32bit-3.12.13-150600.3.59.1
  * libpython3_12-1_0-32bit-3.12.13-150600.3.59.1
  * libpython3_12-1_0-32bit-debuginfo-3.12.13-150600.3.59.1
  * python312-base-32bit-debuginfo-3.12.13-150600.3.59.1
  * python312-base-32bit-3.12.13-150600.3.59.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpython3_12-1_0-64bit-3.12.13-150600.3.59.1
  * python312-base-64bit-debuginfo-3.12.13-150600.3.59.1
  * python312-64bit-debuginfo-3.12.13-150600.3.59.1
  * python312-64bit-3.12.13-150600.3.59.1
  * python312-base-64bit-3.12.13-150600.3.59.1
  * libpython3_12-1_0-64bit-debuginfo-3.12.13-150600.3.59.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * python312-dbm-3.12.13-150600.3.59.1
  * libpython3_12-1_0-3.12.13-150600.3.59.1
  * python312-curses-debuginfo-3.12.13-150600.3.59.1
  * python312-tk-3.12.13-150600.3.59.1
  * python312-base-debuginfo-3.12.13-150600.3.59.1
  * python312-dbm-debuginfo-3.12.13-150600.3.59.1
  * python312-idle-3.12.13-150600.3.59.1
  * python312-curses-3.12.13-150600.3.59.1
  * python312-debuginfo-3.12.13-150600.3.59.1
  * libpython3_12-1_0-debuginfo-3.12.13-150600.3.59.1
  * python312-3.12.13-150600.3.59.1
  * python312-tools-3.12.13-150600.3.59.1
  * python312-core-debugsource-3.12.13-150600.3.59.1
  * python312-debugsource-3.12.13-150600.3.59.1
  * python312-tk-debuginfo-3.12.13-150600.3.59.1
  * python312-devel-3.12.13-150600.3.59.1
  * python312-base-3.12.13-150600.3.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * python312-dbm-3.12.13-150600.3.59.1
  * libpython3_12-1_0-3.12.13-150600.3.59.1
  * python312-tk-3.12.13-150600.3.59.1
  * python312-curses-debuginfo-3.12.13-150600.3.59.1
  * python312-base-debuginfo-3.12.13-150600.3.59.1
  * python312-dbm-debuginfo-3.12.13-150600.3.59.1
  * python312-idle-3.12.13-150600.3.59.1
  * python312-curses-3.12.13-150600.3.59.1
  * python312-debuginfo-3.12.13-150600.3.59.1
  * libpython3_12-1_0-debuginfo-3.12.13-150600.3.59.1
  * python312-3.12.13-150600.3.59.1
  * python312-tools-3.12.13-150600.3.59.1
  * python312-core-debugsource-3.12.13-150600.3.59.1
  * python312-debugsource-3.12.13-150600.3.59.1
  * python312-tk-debuginfo-3.12.13-150600.3.59.1
  * python312-devel-3.12.13-150600.3.59.1
  * python312-base-3.12.13-150600.3.59.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1502.html
* https://www.suse.com/security/cve/CVE-2026-4786.html
* https://www.suse.com/security/cve/CVE-2026-6019.html
* https://www.suse.com/security/cve/CVE-2026-6100.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261969
* https://bugzilla.suse.com/show_bug.cgi?id=1262098
* https://bugzilla.suse.com/show_bug.cgi?id=1262319
* https://bugzilla.suse.com/show_bug.cgi?id=1262654