openSUSE-SU-2026:11244-1: moderate: xorg-x11-server-21.1.21-8.1 on GA media
openSUSE-SU-2026:11243-1: moderate: traefik2-2.11.52-1.1 on GA media
openSUSE-SU-2026:11241-1: moderate: rclone-1.74.4-1.1 on GA media
openSUSE-SU-2026:11240-1: moderate: python313-websockets-16.0-2.1 on GA media
openSUSE-SU-2026:11242-1: moderate: spectre-meltdown-checker-26.36.0602723-1.1 on GA media
openSUSE-SU-2026:11236-1: moderate: python313-Django6-6.0.7-1.1 on GA media
openSUSE-SU-2026:11235-1: moderate: python313-Django4-4.2.30-4.1 on GA media
openSUSE-SU-2026:0240-1: moderate: Security update for perl-CGI-Session
openSUSE-SU-2026:0241-1: moderate: Security update for python-social-auth-app-django
openSUSE-SU-2026:11244-1: moderate: xorg-x11-server-21.1.21-8.1 on GA media
# xorg-x11-server-21.1.21-8.1 on GA media
Announcement ID: openSUSE-SU-2026:11244-1
Rating: moderate
Cross-References:
* CVE-2026-55999
* CVE-2026-56000
CVSS scores:
* CVE-2026-55999 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-55999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-56000 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-56000 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the xorg-x11-server-21.1.21-8.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* xorg-x11-server 21.1.21-8.1
* xorg-x11-server-Xvfb 21.1.21-8.1
* xorg-x11-server-extra 21.1.21-8.1
* xorg-x11-server-sdk 21.1.21-8.1
* xorg-x11-server-source 21.1.21-8.1
* xorg-x11-server-wrapper 21.1.21-8.1
## References:
* https://www.suse.com/security/cve/CVE-2026-55999.html
* https://www.suse.com/security/cve/CVE-2026-56000.html
openSUSE-SU-2026:11243-1: moderate: traefik2-2.11.52-1.1 on GA media
# traefik2-2.11.52-1.1 on GA media
Announcement ID: openSUSE-SU-2026:11243-1
Rating: moderate
Cross-References:
* CVE-2026-54763
* CVE-2026-54764
CVSS scores:
* CVE-2026-54763 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-54763 ( SUSE ): 7.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
* CVE-2026-54764 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-54764 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the traefik2-2.11.52-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* traefik2 2.11.52-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-54763.html
* https://www.suse.com/security/cve/CVE-2026-54764.html
openSUSE-SU-2026:11241-1: moderate: rclone-1.74.4-1.1 on GA media
# rclone-1.74.4-1.1 on GA media
Announcement ID: openSUSE-SU-2026:11241-1
Rating: moderate
Cross-References:
* CVE-2026-54572
* CVE-2026-59732
* CVE-2026-59733
Affected Products:
* openSUSE Tumbleweed
An update that solves 3 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the rclone-1.74.4-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* rclone 1.74.4-1.1
* rclone-bash-completion 1.74.4-1.1
* rclone-zsh-completion 1.74.4-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-54572.html
* https://www.suse.com/security/cve/CVE-2026-59732.html
* https://www.suse.com/security/cve/CVE-2026-59733.html
openSUSE-SU-2026:11240-1: moderate: python313-websockets-16.0-2.1 on GA media
# python313-websockets-16.0-2.1 on GA media
Announcement ID: openSUSE-SU-2026:11240-1
Rating: moderate
Cross-References:
* CVE-2018-1000518
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the python313-websockets-16.0-2.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python313-websockets 16.0-2.1
* python314-websockets 16.0-2.1
## References:
* https://www.suse.com/security/cve/CVE-2018-1000518.html
openSUSE-SU-2026:11242-1: moderate: spectre-meltdown-checker-26.36.0602723-1.1 on GA media
# spectre-meltdown-checker-26.36.0602723-1.1 on GA media
Announcement ID: openSUSE-SU-2026:11242-1
Rating: moderate
Cross-References:
* CVE-2017-5715
* CVE-2017-5753
* CVE-2018-3615
* CVE-2018-3620
* CVE-2018-3640
* CVE-2019-11157
* CVE-2020-0543
* CVE-2020-12965
* CVE-2020-8694
* CVE-2021-26318
* CVE-2022-21123
* CVE-2022-29900
* CVE-2022-29901
* CVE-2023-20569
* CVE-2023-20588
* CVE-2023-23583
* CVE-2023-28746
* CVE-2023-31315
* CVE-2024-28956
* CVE-2024-36350
* CVE-2024-45332
* CVE-2024-56161
* CVE-2024-7881
* CVE-2025-20623
* CVE-2025-24495
* CVE-2025-29943
* CVE-2025-40300
* CVE-2025-54505
CVSS scores:
* CVE-2017-5715 ( SUSE ): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2018-3620 ( SUSE ): 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2018-3640 ( SUSE ): 4.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2020-0543 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2020-12965 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2020-8694 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-26318 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-21123 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
* CVE-2022-29900 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-29901 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20588 ( SUSE ): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-23583 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-31315 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-36350 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-45332 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-45332 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-56161 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-20623 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-20623 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-24495 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-24495 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-40300 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-40300 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-54505 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-54505 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 28 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the spectre-meltdown-checker-26.36.0602723-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* spectre-meltdown-checker 26.36.0602723-1.1
## References:
* https://www.suse.com/security/cve/CVE-2017-5715.html
* https://www.suse.com/security/cve/CVE-2017-5753.html
* https://www.suse.com/security/cve/CVE-2018-3615.html
* https://www.suse.com/security/cve/CVE-2018-3620.html
* https://www.suse.com/security/cve/CVE-2018-3640.html
* https://www.suse.com/security/cve/CVE-2019-11157.html
* https://www.suse.com/security/cve/CVE-2020-0543.html
* https://www.suse.com/security/cve/CVE-2020-12965.html
* https://www.suse.com/security/cve/CVE-2020-8694.html
* https://www.suse.com/security/cve/CVE-2021-26318.html
* https://www.suse.com/security/cve/CVE-2022-21123.html
* https://www.suse.com/security/cve/CVE-2022-29900.html
* https://www.suse.com/security/cve/CVE-2022-29901.html
* https://www.suse.com/security/cve/CVE-2023-20569.html
* https://www.suse.com/security/cve/CVE-2023-20588.html
* https://www.suse.com/security/cve/CVE-2023-23583.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-31315.html
* https://www.suse.com/security/cve/CVE-2024-28956.html
* https://www.suse.com/security/cve/CVE-2024-36350.html
* https://www.suse.com/security/cve/CVE-2024-45332.html
* https://www.suse.com/security/cve/CVE-2024-56161.html
* https://www.suse.com/security/cve/CVE-2024-7881.html
* https://www.suse.com/security/cve/CVE-2025-20623.html
* https://www.suse.com/security/cve/CVE-2025-24495.html
* https://www.suse.com/security/cve/CVE-2025-29943.html
* https://www.suse.com/security/cve/CVE-2025-40300.html
* https://www.suse.com/security/cve/CVE-2025-54505.html
openSUSE-SU-2026:11236-1: moderate: python313-Django6-6.0.7-1.1 on GA media
# python313-Django6-6.0.7-1.1 on GA media
Announcement ID: openSUSE-SU-2026:11236-1
Rating: moderate
Cross-References:
* CVE-2026-48588
* CVE-2026-53877
* CVE-2026-53878
CVSS scores:
* CVE-2026-48588 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-53877 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-53878 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 3 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the python313-Django6-6.0.7-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python313-Django6 6.0.7-1.1
* python314-Django6 6.0.7-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-48588.html
* https://www.suse.com/security/cve/CVE-2026-53877.html
* https://www.suse.com/security/cve/CVE-2026-53878.html
openSUSE-SU-2026:11235-1: moderate: python313-Django4-4.2.30-4.1 on GA media
# python313-Django4-4.2.30-4.1 on GA media
Announcement ID: openSUSE-SU-2026:11235-1
Rating: moderate
Cross-References:
* CVE-2015-3982
* CVE-2015-5145
* CVE-2015-5963
* CVE-2016-7401
* CVE-2017-12794
* CVE-2017-7233
* CVE-2017-7234
* CVE-2018-16984
* CVE-2018-6188
* CVE-2018-7536
* CVE-2018-7537
* CVE-2019-11358
* CVE-2019-12308
* CVE-2019-12781
* CVE-2019-14232
* CVE-2019-19118
* CVE-2019-19844
* CVE-2019-3498
* CVE-2019-6975
* CVE-2020-13254
* CVE-2020-13596
* CVE-2020-24583
* CVE-2020-24584
* CVE-2020-7471
* CVE-2020-9402
* CVE-2021-31542
* CVE-2021-32052
* CVE-2021-33203
* CVE-2021-33571
* CVE-2021-35042
* CVE-2021-45115
* CVE-2021-45452
* CVE-2022-22818
* CVE-2022-23833
* CVE-2022-28346
* CVE-2022-28347
* CVE-2022-34265
* CVE-2022-36359
* CVE-2022-41323
* CVE-2023-23969
* CVE-2023-24580
* CVE-2023-31047
* CVE-2023-36053
* CVE-2023-41164
* CVE-2023-43665
* CVE-2024-24680
* CVE-2024-27351
* CVE-2024-38875
* CVE-2024-39329
* CVE-2024-39330
* CVE-2024-39614
* CVE-2024-41989
* CVE-2024-41990
* CVE-2024-41991
* CVE-2024-42005
* CVE-2024-45230
* CVE-2024-45231
* CVE-2026-48588
* CVE-2026-53877
CVSS scores:
* CVE-2016-7401 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2018-16984 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2018-7537 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2019-12308 ( SUSE ): 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2019-12781 ( SUSE ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2019-14232 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-19844 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2019-3498 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2019-6975 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-13596 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2020-24583 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2020-24584 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2020-7471 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2020-9402 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
* CVE-2021-31542 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-32052 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2021-33203 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-33571 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2021-45115 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-45452 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2022-22818 ( SUSE ): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2022-23833 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-28346 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-28347 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-34265 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-36359 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2023-23969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-24580 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31047 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-36053 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-41164 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-43665 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-24680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38875 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39329 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-39330 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-39614 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41989 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41990 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41991 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42005 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45230 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45231 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-48588 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-53877 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products:
* openSUSE Tumbleweed
An update that solves 59 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the python313-Django4-4.2.30-4.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python313-Django4 4.2.30-4.1
* python314-Django4 4.2.30-4.1
## References:
* https://www.suse.com/security/cve/CVE-2015-3982.html
* https://www.suse.com/security/cve/CVE-2015-5145.html
* https://www.suse.com/security/cve/CVE-2015-5963.html
* https://www.suse.com/security/cve/CVE-2016-7401.html
* https://www.suse.com/security/cve/CVE-2017-12794.html
* https://www.suse.com/security/cve/CVE-2017-7233.html
* https://www.suse.com/security/cve/CVE-2017-7234.html
* https://www.suse.com/security/cve/CVE-2018-16984.html
* https://www.suse.com/security/cve/CVE-2018-6188.html
* https://www.suse.com/security/cve/CVE-2018-7536.html
* https://www.suse.com/security/cve/CVE-2018-7537.html
* https://www.suse.com/security/cve/CVE-2019-11358.html
* https://www.suse.com/security/cve/CVE-2019-12308.html
* https://www.suse.com/security/cve/CVE-2019-12781.html
* https://www.suse.com/security/cve/CVE-2019-14232.html
* https://www.suse.com/security/cve/CVE-2019-19118.html
* https://www.suse.com/security/cve/CVE-2019-19844.html
* https://www.suse.com/security/cve/CVE-2019-3498.html
* https://www.suse.com/security/cve/CVE-2019-6975.html
* https://www.suse.com/security/cve/CVE-2020-13254.html
* https://www.suse.com/security/cve/CVE-2020-13596.html
* https://www.suse.com/security/cve/CVE-2020-24583.html
* https://www.suse.com/security/cve/CVE-2020-24584.html
* https://www.suse.com/security/cve/CVE-2020-7471.html
* https://www.suse.com/security/cve/CVE-2020-9402.html
* https://www.suse.com/security/cve/CVE-2021-31542.html
* https://www.suse.com/security/cve/CVE-2021-32052.html
* https://www.suse.com/security/cve/CVE-2021-33203.html
* https://www.suse.com/security/cve/CVE-2021-33571.html
* https://www.suse.com/security/cve/CVE-2021-35042.html
* https://www.suse.com/security/cve/CVE-2021-45115.html
* https://www.suse.com/security/cve/CVE-2021-45452.html
* https://www.suse.com/security/cve/CVE-2022-22818.html
* https://www.suse.com/security/cve/CVE-2022-23833.html
* https://www.suse.com/security/cve/CVE-2022-28346.html
* https://www.suse.com/security/cve/CVE-2022-28347.html
* https://www.suse.com/security/cve/CVE-2022-34265.html
* https://www.suse.com/security/cve/CVE-2022-36359.html
* https://www.suse.com/security/cve/CVE-2022-41323.html
* https://www.suse.com/security/cve/CVE-2023-23969.html
* https://www.suse.com/security/cve/CVE-2023-24580.html
* https://www.suse.com/security/cve/CVE-2023-31047.html
* https://www.suse.com/security/cve/CVE-2023-36053.html
* https://www.suse.com/security/cve/CVE-2023-41164.html
* https://www.suse.com/security/cve/CVE-2023-43665.html
* https://www.suse.com/security/cve/CVE-2024-24680.html
* https://www.suse.com/security/cve/CVE-2024-27351.html
* https://www.suse.com/security/cve/CVE-2024-38875.html
* https://www.suse.com/security/cve/CVE-2024-39329.html
* https://www.suse.com/security/cve/CVE-2024-39330.html
* https://www.suse.com/security/cve/CVE-2024-39614.html
* https://www.suse.com/security/cve/CVE-2024-41989.html
* https://www.suse.com/security/cve/CVE-2024-41990.html
* https://www.suse.com/security/cve/CVE-2024-41991.html
* https://www.suse.com/security/cve/CVE-2024-42005.html
* https://www.suse.com/security/cve/CVE-2024-45230.html
* https://www.suse.com/security/cve/CVE-2024-45231.html
* https://www.suse.com/security/cve/CVE-2026-48588.html
* https://www.suse.com/security/cve/CVE-2026-53877.html
openSUSE-SU-2026:0240-1: moderate: Security update for perl-CGI-Session
openSUSE Security Update: Security update for perl-CGI-Session
_______________________________
Announcement ID: openSUSE-SU-2026:0240-1
Rating: moderate
References: #1269983
Cross-References: CVE-2026-56016
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________
An update that fixes one vulnerability is now available.
Description:
This update for perl-CGI-Session fixes the following issues:
- updated to 4.490.0 (4.49) see
/usr/share/doc/packages/perl-CGI-Session/Changelog.ini
* SECURITY: Strengthen cryptographic randomness of MD5 driver,
CVE-2026-56016 (boo#1269983)
- Normalize CPAN version See
https://github.com/openSUSE/cpanspec/issues/47 for details
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2026-240=1
Package List:
- openSUSE Backports SLE-15-SP7 (noarch):
perl-CGI-Session-4.490.0-bp157.2.3.1
References:
https://www.suse.com/security/cve/CVE-2026-56016.html
https://bugzilla.suse.com/1269983
openSUSE-SU-2026:0241-1: moderate: Security update for python-social-auth-app-django
openSUSE Security Update: Security update for python-social-auth-app-django
_______________________________
Announcement ID: openSUSE-SU-2026:0241-1
Rating: moderate
References: #1251851
Cross-References: CVE-2025-61783
CVSS scores:
CVE-2025-61783 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-social-auth-app-django fixes the following issues:
- CVE-2025-61783: unsafe account association could lead to account
compromise (boo#1251851).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2026-241=1
Package List:
- openSUSE Backports SLE-15-SP7 (noarch):
python311-social-auth-app-django-5.4.0-bp157.2.3.1
References:
https://www.suse.com/security/cve/CVE-2025-61783.html
https://bugzilla.suse.com/1251851