Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Is automated patching safe for servers?
Loading...
Explore Latest Linux Security advisories
We found 9,991 articles for you...
89
security advisoryfedoraimportantFedora 44 postgresql-jdbc Important Ongres Scram Auth Fix 2026-3f51edec7b
Ongres Scram update and security fix.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3f51edec7b 2026-06-20 00:50:40.883482+00:00 -------------------------------------------------------------------------------- Name : postgresql-jdbc Product : Fedora 44 Version : 42.7.8 Release : 6.fc44 URL : https://jdbc.postgresql.org/ Summary : JDBC driver for PostgreSQL Description : PostgreSQL is an advanced Object-Relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. -------------------------------------------------------------------------------- Update Information: Ongres Scram update and security fix. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 10 2026 Marian Koncek - 42.7.8-6 - Switch tests to using matrix tests * Wed Jun 10 2026 Marian Koncek - 42.7.8-5 - Rebuild with newer ongres dependencies -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487526 - Silent channel-binding authentication downgrade via unsupported certificate algorithms https://bugzilla.redhat.com/show_bug.cgi?id=2487526 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3f51edec7b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announcemailing list --
Jun 19, 2026 •Important Fedora 89
security advisorysecurity issuefedoraFedora 44 Ongres Scram Major Security Patch 2026-3f51edec7b
Ongres Scram update and security fix.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3f51edec7b 2026-06-20 00:50:40.883482+00:00 -------------------------------------------------------------------------------- Name : ongres-scram Product : Fedora 44 Version : 3.3 Release : 1.fc44 URL : https://github.com/ongres/scram Summary : Salted Challenge Response Authentication Mechanism (SCRAM) - Java Implementation Description : This is a Java implementation of SCRAM (Salted Challenge Response Authentication Mechanism) which is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) authentication mechanisms. It is described as part of RFC 5802 and RFC7677. -------------------------------------------------------------------------------- Update Information: Ongres Scram update and security fix. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 10 2026 Marian Koncek - 3.3-1 - Update to upstream version 3.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487526 - Silent channel-binding authentication downgrade via unsupported certificate algorithms https://bugzilla.redhat.com/show_bug.cgi?id=2487526 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3f51edec7b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 19, 2026 •Important Fedora 
100
security advisorydenial of serviceSuSEopenSUSE Leap 15.6 advisory 2026-2470-1 Important Denial of Service
An update that solves two vulnerabilities can now be installed.. # Security update for python-starlette Announcement ID: SUSE-SU-2026:2470-1 Release Date: 2026-06-19T13:37:51Z Rating: important References: * bsc#1268517 * bsc#1268520 Cross-References: * CVE-2026-54282 * CVE-2026-54283 CVSS scores: * CVE-2026-54282 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-54282 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-54283 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-54283 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-starlette fixes the following issues * CVE-2026-54282: request path that lacks a leading forward slash can lead to request.url.hostname manipulation (bsc#1268520). * CVE-2026-54283: urlencoded request body with an oversized data can lead to a denial of service (bsc#1268517). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2470=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-starlette-0.35.1-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-54282.html * https://www.suse.com/security/cve/CVE-2026-54283.html * https://bugzilla.suse.com/show_bug.cgi?id=1268517 * https://bugzilla.suse.com/show_bug.cgi?id=1268520 . An important security update for python-starlette on SUSE fixes critical issues, enabling safer operations.. SUSE python-starlette update, important security patches SUSE, request manipulation fix, denial of service vulnerability. . Severity: Important. LinuxSecurity.com Team
Jun 19, 2026 •Important SuSE 100
security advisorysecurity updateSuSESUSE Apache-SSH-D Important Path Traversal Signature Issue 2026-2472-1
An update that solves two vulnerabilities can now be installed.. # Security update for apache-sshd, jpgpj Announcement ID: SUSE-SU-2026:2472-1 Release Date: 2026-06-19T13:41:45Z Rating: important References: * bsc#1239551 * bsc#1267018 Cross-References: * CVE-2020-36843 * CVE-2026-48827 CVSS scores: * CVE-2020-36843 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2020-36843 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2020-36843 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2026-48827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48827 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-48827 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache-sshd, jpgpj fixes the following issues *CVE-2020-36843: no check performed on scalar to avoid signature malleability (bsc#1239551). * CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd: sshd- git (bsc#1267018). Changes for jpgpj: * Initial packaging with v1.3 Changes for apache-sshd: * Update to upstream version 2.18.0 * Bug Fixes * GH-743 Ensure the Java ServiceLoader use a singleton SftpFileSystemProvider * GH-879 Close SSH channel gracefully on exception in port forwarding * Security: Improve handling of repository paths in sshd-git. Resolves CVE-2026-48827, bsc#1267018 * New Features * GH-892 Align handling certificates without principals with OpenSSH 10.3 * Update to upstream version 2.17.1 * Changes * GH-875 Use Apache Parent POM 36 * Update to upstream version 2.17.0 * GH-469, SSHD-897 Fix duplicate character echo with interactive shells * GH-721 SSH client: schedule session timeout checks on demand only * GH-807 Handle "verified" flag for sk-* keys * GH-809 Fix server-side authentication for FIDO/U2F sk-* keys with flags in authorized_keys * GH-827 Don't fail on invalid known_hosts lines; log and skip them * GH-830 EC public keys: let Bouncy Castle generate X.509 encodings with the curve OID as algorithm parameter * GH-855 SFTP: use a single SftpClient per SftpFileSystem * GH-856 Fix using ed25519 with BC-FIPS * GH-861 SFTP client: prevent sending zero-length writes in SftpOutputStreamAsync * SSHD-1348 Fix zero-length SFTP reads * SSHD-1349 Bump PMD to 7.20.0 to avoid StackOverflowError when compiling on Java 26-ea * GH-814 Include a fix for CVE-2020-36843 (bsc#1239551) in optional dependency net.i2p.crypto:eddsa:0.3.0: perform the missing range check in Apache MINA SSHD before delegating to the signature verification in net.i2p.crypto:eddsa:0.3.0. This means that using net.i2p.crypto:eddsa:0.3.0 in Apache MINA SSHD is safe despite that CVE in the dependency. * GH-865 replace %h in HostName SSH config * Update to upstreamversion 2.16.0 * Changes of version 2.16.0 * bugfix: fix cert auth failed bug * GH-664: Skip MAC negotiation if an AEAD cipher was negotiated * GH-663: Fix a race in IoSession creation * Also test sshd-mina using mina-core 2.2.4 * ScpShell fixes; SFTP append mode for buggy servers * fix sources.jar Reproducible Builds issue * GH-700: Fix race in AbstractCloseable.doCloseImmediately() * GH-705: Make ChannelToPortHandler accessible to user code * GH-709: Handle keep-alive channel messages sent by an old OpenSSH server * GH-727: supply default port for proxyJump if no HostConfigEntry * GH-733: Fix SftpRemotePathChannel.transferTo * GH-725: Added commandTimeoutMillis in executeRemoteCommand * GH-774: Fix WritePendingException * # 771 Avoid NoClassDefFoundError: net/i2p/crypto/eddsa/EdDSAPublicKey * GH-516: Fix filesystem-id parsing in getFileSystem(URI) * GH-754: Don't close DefaultForwarder on bind error * Close repository after usage in GitPackCommand * Trigger ClientChannelEvent.Timeout and ClientSessionEvent.TIMEOUT independently to host's program cycle times * Changes of version 2.15.0 * GH-618: Fix reading an OpenSshCertificate from a Buffer * Add interface to configure details of JGit's pack implementation * ML-KEM key exchanges using Bouncy Castle 1.79 * GH-628: Fix reading directories with trailing blanks in the name * GH-626: Enable Streaming.Async for ChannelDirectTcpip * Sftp server 'ls' command timeout * GH-636: Handle unknown key types in known_hosts * GH-643: provide interfaces for caching file attributes on paths * Bouncy Castle EdDSA / Ed25519 Support * Abstract revoked key handling in KnownHostsServerKeyVerifier * Fix an incompletely interpolated dependency with maven 4.0.0-rc-4 * Fix wrong invocation of xmvn-subst * Updated to upstream version 2.14.0 * Changes in version 2.14.0 * GH-524 Performance improvements * GH-533 Fix multi-step authentication * GH-582 Fix filtering in NamedFactory * GH-587 PreventNullPointerExceptionon closed channel in NettyIoSession * GH-590 Better support for FIPS * GH-597 Pass on Charset in ClientSession.executeRemoteCommand() * New utility methods SftpClient.put(Path localFile, String remoteFileName) and SftpClient.put(InputStream in, String remoteFileName) facilitate SFTP file uploading. * GH-590 Better support for FIPS Besides fixing a bug with bc-fips (the RandomGenerator class exists in normal Bouncy Castle, but not in the FIPS version, but Apache MINA sshd referenced it even if only bc-fips was present), support was improved for running in an environment restricted by FIPS. There is a new system property org.apache.sshd.security.fipsEnabled. If set to true, a number of crypto-algorithms not approved by FIPS 140 are disabled: * key exchange methods sntrup761x25519-sha512, sntrup761x25519-sha512@openssh.com, curve25519-sha256, curve25519-sha256@libssh.org, curve448-sha512. * the chacha20-poly1305 cipher. * the bcrypt KDF used in encrypted private key files in OpenSSH format. * all ed25519 keys and signatures. Additionally, the new "SunJCEWrapper" SecurityProviderRegistrar (see below) and the EdDSASecurityProviderRegistrar are disabled, and the BouncyCastleScurityProviderRegistrar looks only for the "BCFIPS" security provider, not for the normal "BC" provider. If the system property is not set to true, FIPS mode can be enabled programmatically by calling SecurityUtils.setFipsMode() before any other call to Apache MINA sshd. * Potential compatibility issues * New security provider registrar There is a new SecurityProviderRegistrar that is registered by default if there is a SunJCE security provider. It uses the AES and HmacSHA* implementations from SunJCE even if Bouncy Castle is also registered. SunJCE has native implementations, whereas Bouncy Castle may not. The new registrar has the name "SunJCEWrapper" and can be configured like any other registrar. It can be disabled viathe system property org.apache.sshd.security.provider.SunJCEWrapper.enabled=false. It is also disabled in FIPS mode (see above). The methods NamedFactory.setupBuiltinFactories(boolean ignoreUnsupported, ...) and NamedFactory.setupTransformedFactories(boolean ignoreUnsupported, ...) had a bug that gave the "ignoreUnsupported" parameter actually the meaning of "include unsupported". This was fixed in this release, but existing code calling these or one of the following methods: ~ BaseBuilder.setUpDefaultMacs(boolean ignoreUnsupported) ~ BaseBuilder.setUpDefaultCiphers(boolean ignoreUnsupported) ~ ClientBuilder.setUpDefaultCompressionFactories(boolean ignoreUnsupported) ~ ClientBuilder.setUpDefaultKeyExchanges(boolean ~ ClientBuilder.setUpDefaultSignatureFactories(boolean ~ ServerBuilder.setUpDefaultCompressionFactories(boolean ~ ServerBuilder.setUpDefaultKeyExchanges(boolean ~ ServerBuilder.setUpDefaultSignatureFactories(boolean ~ any of the methods starting with SshConfigFileReader.configure ~ SshClientConfigFileReader.configure(...) ~ SshServerConfigFileReader.configure(...) should be reviewed: ~ if the method is called with parameter value true, the result will no longer include unsupported algorithms. Formerly it wrongly did. ~ if the method is called with parameter value false, the result may include unsupported algorithms. Formerly it did not. So if existing code used parameter value false to ensure it never got unsupported algorithms, change it to true. * Major Code Re-factoring * JDK requirements ~ GH-536 The project now requires JDK 17 at build time, while the target runtime still remains unchanged to support JDK 8. * Changes in version 2.13.2 * What's Changed * GH-525: Fix sntrup761x25519-sha512 by @tomaswolf in #528 * Changes in version 2.13.1 * This release does not contain any code changes. It is solely to rectify the issue that the 2.13.0 release encountered during the release process,where the source jars were not created. * Changes in version 2.13.0 * GH-318: Handle cascaded proxy jumps by @tomaswolf in #512 * GH-427: Read initial ACK on channel open prior to direct stream upload & close streams prior to exit code handling by @TerraNibble in #464 * GH-455: ensure BaseCipher.update() fulfills the contract by @tomaswolf in #463 * GH-470: Synchronize not thread safe java.security.KeyPairGenerator.generateKe... by @zakharovsergey1000 in #467 * GH-476: Fix Android detection false negative by @wh0 * GH-475: Switch uses of JSch library to the com.github.mwiede:jsch fork by @Alex-Vol-Amz * GH-472: change client start condition in sshd-spring-sftp by @alwaystom * GH-489: sftp readdir: determine file type from longname by @tomaswolf in #491 * GH-486: Add missing U2F {ed25519,ecdsa}-sk public key equality methods by @lf- * SSHD-1237 Handle keep-alive channel requests by @tomaswolf in #492 * GH-494: Nio2Session improvements by @evgeny-pasynkov * GH-468: Handle excess data in SFTP read requests by @tomaswolf in #495 * GH-498: Implement the "sntrup761x25519-sha512@openssh.com" KEX method by @tomaswolf * GH-500: SftpFileSystemProvider: close SftpClient on exception by @tomaswolf in #501 * GH-504: Pass reason to sessionNegotiationEnd by @duco-lw in #505 * GH-461: Fix heartbeats with wantReply=true by @tomaswolf in #507 * GH-493: Fix arcfour128 and arcfour256 ciphers (regression in 2.2.0) * GH-509: SFTP v[456] client: validate attribute flags * GH-510: Fix class name in BuiltinIoServiceFactoryFactories (regression in 2.6.0) * sntrup761x25519-sha512@openssh.com Key Exchange The key exchange method sntrup761x25519-sha512@openssh.com is now available if the Bouncy Castle library is available. This uses a post-quantum key encapsulation method (KEM) to make key exchange future-proof against quantum attacks. More information can be found in IETF Memo Secure Shell (SSH) Key Exchange Method Using Hybrid StreamlinedNTRU Prime sntrup761 and X25519 with SHA-512: sntrup761x25519-sha512. * Behavioral changes and enhancements ~ GH-318 Handle cascaded proxy jumps Proxy jumps can be configured via host configuration entries in two ways. First, proxies can be chained directly by specifiying several proxies in one ProxyJump directive: Host target Hostname somewhere.example.org User some_user IdentityFile ~/.ssh/some_id ProxyJump jumphost2, jumphost1 Host jumphost1 Hostname jumphost1@example.org User jumphost1_user IdentityFile ~/.ssh/id_jumphost1 Host jumphost2 Hostname jumphost2@example.org User jumphost2_user IdentityFile ~/.ssh/id_jumphost2 Connecting to server target will first connect to jumphost1, then tunnel through to jumphost2, and finally tunnel to target. So the full connection will be client-> jumphost1-> jumphost2-> target. Such proxy jump chains were already supported in Apache MINA SSHD. Newly, Apache MINA SSHD also supports cascading proxy jumps, so a configuration like ProxyJump jumphost2 ProxyJump jumphost1 also works now, and produces the same connection It is possible to mis-configure such proxy jump cascades to have loops. (For instance, if host jumphost1 in the above example had a ProxyJump jumphost2 directive.) To catch such misconfigurations, Apache MINA SSHD imposes an upper limit on the total number of proxy jumps in a connection. An exception is thrown if there are more than CoreModuleProperties.MAX_PROXY_JUMPS proxy jumps in a connection. The default value of this property is 10. Most real uses of proxy jumps will have one or maybe two proxy jumps only. ~ GH-461 Fix heartbeats with wantReply=true The client-side heartbeat mechanism has been updated. Such heartbeats are configured via the CoreModuleProperties.HEARTBEAT_INTERVAL property. If this interval is > 0, heartbeats are sent to the server. Previously these heartbeats could also be configured with a CoreModuleProperties.HEARTBEAT_REPLY_WAITtimeout. If the timeout was 0, the client would send requests with a flag indicating that the server should reply. The client would then wait for the specified duration for the reply and would terminate the connection if none was received. This mechanism could cause trouble if the timeout was fairly long and the server was slow to respond. A timeout longer than the interval could also delay subsequent heartbeats. The CoreModuleProperties.HEARTBEAT_REPLY_WAIT property is now deprecated. There is a new configuration property CoreModuleProperties.HEARTBEAT_NO_REPLY_MAX instead. It defines a limit for the number of heartbeats sent without receiving a reply before a session is terminated. If the value is 0, the client will request a reply from the server for each heartbeat message, and it will terminate the connection if the number of unanswered heartbeats reaches CoreModuleProperties.HEARTBEAT_NO_REPLY_MAX. This new way to configure heartbeats aligns with the OpenSSH configuration options ServerAliveInterval and ServerAliveCountMax. For compatibility with older configurations that explicitly define CoreModuleProperties.HEARTBEAT_REPLY_WAIT, the new code maps this to the new configuration (but only if CoreModuleProperties.HEARTBEAT_INTERVAL > 0 and the new property CoreModuleProperties.HEARTBEAT_NO_REPLY_MAX has not been set) by setting CoreModuleProperties.HEARTBEAT_NO_REPLY_MAX to = CoreModuleProperties.HEARTBEAT_REPLY_WAIT
Jun 19, 2026 •Important SuSE 100
security advisoryDoSimportantSUSE OpenvSwitch Important Heap Over-Read Threat Vulnern 2026-2463-1
An update that solves two vulnerabilities can now be installed.. # Security update for openvswitch Announcement ID: SUSE-SU-2026:2463-1 Release Date: 2026-06-19T09:44:08Z Rating: important References: * bsc#1262498 * bsc#1262499 Cross-References: * CVE-2026-5265 * CVE-2026-5367 CVSS scores: * CVE-2026-5265 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-5265 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-5367 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-5367 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for openvswitch fixes the following issues Update ovn to 25.03.3: * CVE-2026-5265: heap over-read in ICMP error response generation (bsc#1262498). * CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing (bsc#1262499). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2463=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2463=1 ## Package List: * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-openvswitch-3.5.4-150700.41.18.1 * ovn-central-debuginfo-25.03.3-150700.41.18.1 * openvswitch-test-debuginfo-3.5.4-150700.41.18.1 * ovn-host-25.03.3-150700.41.18.1 * openvswitch-ipsec-3.5.4-150700.41.18.1 *ovn-central-25.03.3-150700.41.18.1 * ovn-25.03.3-150700.41.18.1 * ovn-vtep-debuginfo-25.03.3-150700.41.18.1 * ovn-vtep-25.03.3-150700.41.18.1 * python3-openvswitch-debuginfo-3.5.4-150700.41.18.1 * openvswitch-devel-3.5.4-150700.41.18.1 * openvswitch-debuginfo-3.5.4-150700.41.18.1 * libopenvswitch-3_5-0-3.5.4-150700.41.18.1 * openvswitch-pki-3.5.4-150700.41.18.1 * libovn-25_03-0-25.03.3-150700.41.18.1 * openvswitch-vtep-debuginfo-3.5.4-150700.41.18.1 * ovn-docker-25.03.3-150700.41.18.1 * ovn-host-debuginfo-25.03.3-150700.41.18.1 * openvswitch-test-3.5.4-150700.41.18.1 * ovn-devel-25.03.3-150700.41.18.1 * openvswitch-3.5.4-150700.41.18.1 * libovn-25_03-0-debuginfo-25.03.3-150700.41.18.1 * openvswitch-debugsource-3.5.4-150700.41.18.1 * ovn-debuginfo-25.03.3-150700.41.18.1 * libopenvswitch-3_5-0-debuginfo-3.5.4-150700.41.18.1 * openvswitch-vtep-3.5.4-150700.41.18.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-openvswitch-3.5.4-150700.41.18.1 * openvswitch-debugsource-3.5.4-150700.41.18.1 * openvswitch-debuginfo-3.5.4-150700.41.18.1 * python3-openvswitch-debuginfo-3.5.4-150700.41.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-5265.html * https://www.suse.com/security/cve/CVE-2026-5367.html * https://bugzilla.suse.com/show_bug.cgi?id=1262498 * https://bugzilla.suse.com/show_bug.cgi?id=1262499 . Update for OpenvSwitch addresses serious security issues. Install promptly to enhance system protection.. OpenvSwitch Security Update, SUSE Important Patch, Heap Over-Read Vulnerability. . Severity: Important. LinuxSecurity.com Team
Jun 19, 2026 •Important SuSE 100
security advisorysecurity issueSuSESUSE Python313 Important Security Updates Advisory 2026-2464-1
An update that solves five vulnerabilities and has two security fixes can now be installed.. # Security update for python313 Announcement ID: SUSE-SU-2026:2464-1 Release Date: 2026-06-19T09:44:33Z Rating: important References: * bsc#1211301 * bsc#1261969 * bsc#1261970 * bsc#1262098 * bsc#1262319 * bsc#1262654 * bsc#1263787 Cross-References: * CVE-2026-1502 * CVE-2026-3446 * CVE-2026-4786 * CVE-2026-6019 * CVE-2026-6100 CVSS scores: * CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-1502 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3446 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2026-4786 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( SUSE ): 3.8CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6019 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6100 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for python313 fixes the following issues Security issues: * CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969). * CVE-2026-3446: Base64 decoding stops at first padded quad by default (bsc#1261970). * CVE-2026-4786: [oss-security][] CPython: Incomplete mitigation of , %action expansion for command injection to webbrowser.open() (bsc#1262319). * CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in cookie values embedded in JS (bsc#1262654). * CVE-2026-6100: Arbitrary code execution or information disclosure via use- after-free in decompression modules (bsc#1262098). Non security issue: * Add missing BR `crypto-policies-scripts` (need for the fix of bsc#1211301). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2464=1 ## Package List: * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python313-curses-3.13.13-150700.4.50.1 * python313-tk-3.13.13-150700.4.50.1 * python313-dbm-3.13.13-150700.4.50.1 * python313-base-debuginfo-3.13.13-150700.4.50.1 * python313-debuginfo-3.13.13-150700.4.50.1 * python313-idle-3.13.13-150700.4.50.1 * libpython3_13-1_0-debuginfo-3.13.13-150700.4.50.1 * python313-core-debugsource-3.13.13-150700.4.50.1 * python313-dbm-debuginfo-3.13.13-150700.4.50.1 * python313-curses-debuginfo-3.13.13-150700.4.50.1 * python313-tk-debuginfo-3.13.13-150700.4.50.1 * python313-tools-3.13.13-150700.4.50.1 * python313-debugsource-3.13.13-150700.4.50.1 * python313-devel-3.13.13-150700.4.50.1 * python313-3.13.13-150700.4.50.1 * libpython3_13-1_0-3.13.13-150700.4.50.1 * python313-base-3.13.13-150700.4.50.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1502.html * https://www.suse.com/security/cve/CVE-2026-3446.html * https://www.suse.com/security/cve/CVE-2026-4786.html * https://www.suse.com/security/cve/CVE-2026-6019.html * https://www.suse.com/security/cve/CVE-2026-6100.html * https://bugzilla.suse.com/show_bug.cgi?id=1211301 * https://bugzilla.suse.com/show_bug.cgi?id=1261969 * https://bugzilla.suse.com/show_bug.cgi?id=1261970 * https://bugzilla.suse.com/show_bug.cgi?id=1262098 * https://bugzilla.suse.com/show_bug.cgi?id=1262319 * https://bugzilla.suse.com/show_bug.cgi?id=1262654 * https://bugzilla.suse.com/show_bug.cgi?id=1263787 . Critical update available for python313 on SUSE addressing multiple security issues. Immediate installation recommended.. python313 update, SUSE security, patch vulnerabilities, critical fixes, application security. . Severity: Important. LinuxSecurity.com Team
Jun 19, 2026 •Important SuSE 100
security advisorySuSEDoSSUSE glibc Important DoS Vulnern Fix 2026-2465-1 CVE-2026-4046
An update that solves one vulnerability can now be installed.. # Security update for glibc Announcement ID: SUSE-SU-2026:2465-1 Release Date: 2026-06-19T10:11:27Z Rating: important References: * bsc#1261206 Cross-References: * CVE-2026-4046 CVSS scores: * CVE-2026-4046 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4046 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4046 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves one vulnerability can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets (bsc#1261206, BZ #33980) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-2465=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-2465=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * glibc-2.11.3-17.110.55.1 * glibc-devel-2.11.3-17.110.55.1 * glibc-profile-2.11.3-17.110.55.1 * glibc-profile-32bit-2.11.3-17.110.55.1 * glibc-devel-32bit-2.11.3-17.110.55.1 * glibc-locale-2.11.3-17.110.55.1 * nscd-2.11.3-17.110.55.1 * glibc-32bit-2.11.3-17.110.55.1 * glibc-info-2.11.3-17.110.55.1 * glibc-i18ndata-2.11.3-17.110.55.1 * glibc-debuginfo-32bit-2.11.3-17.110.55.1 * glibc-html-2.11.3-17.110.55.1 * glibc-locale-32bit-2.11.3-17.110.55.1 * glibc-debuginfo-2.11.3-17.110.55.1 * glibc-debugsource-2.11.3-17.110.55.1 *SUSE Linux Enterprise Server 11 SP4 (x86_64) * glibc-2.11.3-17.110.55.1 * glibc-devel-2.11.3-17.110.55.1 * glibc-profile-2.11.3-17.110.55.1 * glibc-profile-32bit-2.11.3-17.110.55.1 * glibc-devel-32bit-2.11.3-17.110.55.1 * glibc-locale-2.11.3-17.110.55.1 * nscd-2.11.3-17.110.55.1 * glibc-32bit-2.11.3-17.110.55.1 * glibc-info-2.11.3-17.110.55.1 * glibc-i18ndata-2.11.3-17.110.55.1 * glibc-debuginfo-32bit-2.11.3-17.110.55.1 * glibc-html-2.11.3-17.110.55.1 * glibc-locale-32bit-2.11.3-17.110.55.1 * glibc-debuginfo-2.11.3-17.110.55.1 * glibc-debugsource-2.11.3-17.110.55.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4046.html * https://bugzilla.suse.com/show_bug.cgi?id=1261206 . SUSE's important security update for glibc resolves CVE-2026-4046, critical for system security. Check installation methods now.. glibc security update,suse advisory,security patch glibc,linux vulnerability fix,importance of updates. . Severity: Important. LinuxSecurity.com Team
Jun 19, 2026 •Important SuSE 100
security advisorydenial of serviceSuSESUSE Azure-Storage-Azcopy Important Denial of Service Advisory 2026-2466-1
An update that solves five vulnerabilities and has one security fix can now be installed.. # Security update for azure-storage-azcopy Announcement ID: SUSE-SU-2026:2466-1 Release Date: 2026-06-19T11:02:49Z Rating: important References: * bsc#1247720 * bsc#1260307 * bsc#1262962 * bsc#1265841 * bsc#1266311 * bsc#1266657 Cross-References: * CVE-2025-47907 * CVE-2026-33186 * CVE-2026-33814 * CVE-2026-34986 * CVE-2026-39821 CVSS scores: * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 *SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: * CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan (bsc#1247720). * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260307). * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265841). * CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262962). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266657). Changes: * Remove 32-bit Windows ARM7 build * Cover other open CVEs (bsc#1266657, CVE-2026-39821) * Update otel sdk * Update packages and add patch version * Update version.go * Error formatting * Add test to validate changes * Update Changelog * Alter intentional panics to return errors * Correct issues re: MSRC case #110341 * Update offending packages * cloud.google.com/go/storage v1.45.0 -> v1.50.0 * Golang 1.24.13 -> 1.25.8 * Golangci-lint v1.64.8 -> v2.11.3 * Fixed a regression where the folder tracker would panic with pre-existing folders and --overwrite=ifSourceNewer. (#3403) * Fixed a regressionwhere cancellation was not working via stdin (#3373) * Fixed a regression where we hit segfaults from logging to a nil logger in the process checker. (#3384) * Fixed a race condition panic from concurrent access to a shared metadata resource by introducing thread safety. (#3341) * Fixed a bug where --posix-properties-style was not being chained through the copy flow correctly. (#3401) * Fixed a regression where in tandem use of --list-of-files and --include- pattern no longer worked. (#3389) * Golang 1.24.11 -> 1.24.13 * Added support for AMLFS style posix metadata. (#3317) * Fixed a bug where hdi_isfolder metadata key would sometimes not be sent in all lowercase, resulting in unexpected behavior on the service side when fetching properties. (#3312) * Fixed a typo in the benchmark command, to allow the --put-md5 flag to work. (#3324) * Fixed a bug where network errors would not be retried on. (#3338) * Fixed a bug where unexpected requests would be logged in syslog. (#3339) * Fixed a bug where pre-existing folders would be recreated. (#3295) * Updated README to clarify supported source-destination pairs and authorization mechanisms. (#3213) * Updated format of wiki generated docs to improve readability. (#3311) * AzCopy download URLs starting with https://azcopyvnext- awgzd8g7aagqhzhe.b02.azurefd.net/ are no longer supported. * Fixed a bug where throughput was not being displayed for copy and resume. (#3271) * Fixed a bug where S3 and GCP transfers would panic. (#3273) * Refactored copy, sync, resume, login, logout, login status business logic into the azcopy package. * Golang 1.24.4 -> 1.24.11 * golang.org/x/crypto 0.40.0 -> 0.45.0 * Azure Files SMB -> Azure Files NFS transfers. * Symlink support for Azure Files NFS shares. * Introduced support for symbolic links in Azure Files NFS shares. * Symlinks can be preserved, skipped, or followed based on command-line flags. * Added a --check-version flag to make versionchecking an opt in feature. (#3173) * \--include-root flag now allows customers to preserve root properties when used in conjunction with --preserve-XXXX flags. (#3163) * Golang 1.24.4 -> 1.24.6 (#3154) * Fixed a bug to retry on various network errors. (#3237) (#3252) (bsc#1266311) * Fixed a bug where remove would not work on paths with encoded characters. (#2977) * Fixed a bug where jobs resume would not produce any output for previously failed jobs. (#3103) * Fixed a bug where FileBlob transfers with EntraID on the source would pass the wrong service version. (#3242) * Fixed a bug to retry on WSAETIMEDOUT on Windows. (#3195) * Fixed a bug with the folder creation tracker which caused folder creation calls to happen more often than necessary. (#3151) * Fixed a bug to redact x-ams-credential from logs. (#3206) * Fixed a bug where powershell login would fail with older versions of Az.Accounts. (#3191) * Fixed a bug where symlink direct targets would be handled as a file instead of a symlink. (#3222) * Refactored traverser related code into its own package. (#3251) * Refactored OAuth token manager access to use a client-based pattern instead of global singleton access. (#3260) * Removed unused code related to credential management. (#3260) * Refactored Lifecycle UI code into the cmd package (#3262). * Error handling code is now injected into JobMgr, or appropriately bubbled upwards instead of using global LCM error handling. (#3262) * AzCopy no longer checks version by default. (#3173) * Fixed --exclude-path flag not available in remove operations. (#3165) (#3159) * Fixed regression where AzCopy was not honoring concurrency value in copy operations (#3192) * Fixed the incorrect JSON output format of the warning message when there are multiple AzCopy processes running. (#3188) (#3182) * Fixed latest_version.txt from being wrongly created in users current directory. (#3179)(#3176) * Fixed AzCopy crashing duringsync operation from a nil pointer deref in the destination authentication policy. (#3186) (#3109) (#3156) (#3175) * Golang 1.24.2 -> 1.24.6 (CVE-2025-47907) (#3154) * For transfers involving Azure Files (NFS or SMB), AzCopy will not auto create file shares. * AzCopy binaries and latest version information will now be distributed from Github releases instead of the static website. (#3014) * Azure Files NFS Support via REST. * Added support to retry on copy source error code and status code for service to service copies. (#3105) * Added support for service to service copies from Azure Files to Blob Storage using EntraID. (#3053) * Fixed a bug where when copying a file that has already been deleted with \--trailing-dot=Disable resulted in the wrong error instead of a 404. (#3092) * Removed the warning message when failing to create a container. This message can be misleading when there is insufficient permissions to create a container and the container already exists. (#3045) * Improved the error message returned when block size is larger than bandwidth limit. (#3051) * Warn user if transfer is going to exceed 10M objects. (#3111) * Warn user if multiple AzCopy processes are running. (#3128) * Golang 1.24.2 -> 1.24.4 (#3085) * Azure Files NFS Support via REST API ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2466=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2466=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-2466=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2026-2466=1 * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-2466=1 ##Package List: * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * azure-storage-azcopy-10.32.4-150400.9.11.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le x86_64) * azure-storage-azcopy-10.32.4-150400.9.11.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le x86_64) * azure-storage-azcopy-10.32.4-150400.9.11.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le x86_64) * azure-storage-azcopy-10.32.4-150400.9.11.1 * Public Cloud Module 15-SP7 (aarch64 ppc64le x86_64) * azure-storage-azcopy-10.32.4-150400.9.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47907.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://bugzilla.suse.com/show_bug.cgi?id=1247720 * https://bugzilla.suse.com/show_bug.cgi?id=1260307 * https://bugzilla.suse.com/show_bug.cgi?id=1262962 * https://bugzilla.suse.com/show_bug.cgi?id=1265841 * https://bugzilla.suse.com/show_bug.cgi?id=1266311 * https://bugzilla.suse.com/show_bug.cgi?id=1266657 . This update for azure-storage-azcopy resolves multiple issues. Important security measures to install now available.. SUSE Linux update, azure-storage-azcopy fix, important security patch, software vulnerabilities resolution, cloud storage security. . Severity: Important. LinuxSecurity.com Team
Jun 19, 2026 •Important SuSE 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Is automated patching safe for servers?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!