Explore top 10 tips to secure your open-source projects now. Read More
×Important: kernel security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:38492", "synopsis": "Important: kernel security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kernel.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: md/bitmap: fix GPF in write_page caused by resize race (CVE-2026-43163)\n\n* kernel: rtmutex: Use waiter::task instead of current in remove_waiter() (CVE-2026-43499)\n\n* kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock (CVE-2026-53166)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2480453", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2480453", "description": ""}, {"ticket": "2467059", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2467059", "description": ""}, {"ticket": "2492805", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2492805", "description": ""}], "cves": [{"name": "CVE-2026-43163", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43163", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.7", "cwe": "CWE-825"}, {"name": "CVE-2026-43499", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43499", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-825"}, {"name": "CVE-2026-53166", "sourceBy": "MITRE","sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-53166", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.5", "cwe": "CWE-476"}], "references": [], "publishedAt": "2026-07-14T18:05:26.050107Z", "rpms": {"Rocky Linux 10": {"nvras": ["libperf-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-tools-libs-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "rtla-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-64k-debug-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-64k-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-core-0:6.12.0-211.33.1.el10_2.s390x.rpm", "python3-perf-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-core-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-uki-virt-addons-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-doc-0:6.12.0-211.33.1.el10_2.noarch.rpm", "kernel-debug-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "rv-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-core-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-64k-debug-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-64k-debug-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "perf-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debug-modules-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-tools-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "perf-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-devel-matched-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-modules-extra-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-uki-virt-addons-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-modules-extra-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-0:6.12.0-211.33.1.el10_2.s390x.rpm", "rtla-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-modules-core-0:6.12.0-211.33.1.el10_2.s390x.rpm","kernel-debug-devel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-extra-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-modules-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "perf-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "libperf-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-modules-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-64k-debug-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-tools-libs-devel-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-debug-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-devel-matched-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debug-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-debug-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-uki-virt-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-zfcpdump-modules-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-debug-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "perf-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "rv-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-debug-devel-matched-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debug-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-uki-virt-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "rv-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-modules-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-libs-devel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debuginfo-common-s390x-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-64k-devel-matched-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debug-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-debug-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm","kernel-debug-devel-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-modules-core-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-debug-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-zfcpdump-modules-extra-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "python3-perf-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-64k-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-devel-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-zfcpdump-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-debug-core-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debug-devel-matched-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "libperf-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-64k-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-64k-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-64k-debug-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "python3-perf-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-zfcpdump-modules-core-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-modules-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-0:6.12.0-211.33.1.el10_2.src.rpm", "kernel-rt-64k-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-tools-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "rtla-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-zfcpdump-core-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-debug-devel-matched-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-64k-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-extra-matched-0:6.12.0-211.33.1.el10_2.aarch64.rpm","kernel-rt-64k-debug-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "libperf-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-debug-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-zfcpdump-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-tools-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-modules-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-zfcpdump-devel-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-debug-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "perf-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-uki-virt-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-64k-debug-devel-matched-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-extra-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-devel-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-libs-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "libperf-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-tools-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "python3-perf-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-debug-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-tools-libs-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-64k-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debuginfo-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-abi-stablelists-0:6.12.0-211.33.1.el10_2.noarch.rpm", "perf-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debuginfo-common-x86_64-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-64k-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-devel-matched-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-core-0:6.12.0-211.33.1.el10_2.ppc64le.rpm","libperf-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "python3-perf-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-devel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-devel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-64k-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-debug-modules-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-modules-extra-matched-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-debuginfo-common-ppc64le-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-64k-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "perf-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-core-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-debuginfo-common-aarch64-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-modules-extra-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-extra-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-64k-debug-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-64k-debug-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "perf-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-modules-extra-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-rt-debug-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-zfcpdump-devel-matched-0:6.12.0-211.33.1.el10_2.s390x.rpm", "python3-perf-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "libperf-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-extra-matched-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-devel-matched-0:6.12.0-211.33.1.el10_2.x86_64.rpm","rv-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-devel-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-rt-64k-devel-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-modules-extra-matched-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-64k-debug-debuginfo-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-modules-core-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-64k-debug-modules-extra-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-rt-debug-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "libperf-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-modules-extra-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-64k-debug-modules-core-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-modules-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-debug-devel-0:6.12.0-211.33.1.el10_2.s390x.rpm", "kernel-devel-matched-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "python3-perf-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "python3-perf-debuginfo-0:6.12.0-211.33.1.el10_2.ppc64le.rpm", "kernel-rt-64k-modules-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-debug-0:6.12.0-211.33.1.el10_2.aarch64.rpm", "kernel-tools-debuginfo-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "rtla-0:6.12.0-211.33.1.el10_2.x86_64.rpm", "kernel-tools-libs-0:6.12.0-211.33.1.el10_2.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important kernel security update available for Rocky Linux 10 fixing critical issues with potential risks.. Rocky Linux, kernel update, security patches, kernel vulnerabilities, software security. . LinuxSecurity.com Team
An update that contains security fixes can now be installed.. openSUSE Security Update: Security update for gosec ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0244-1 Rating: important References: #1265919 #1266209 #1266793 #1267195 Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for gosec fixes the following issues: - Fixing multiple vulnerabilities in the following embedded dependencies: golang.org/x/crypto/ssh (bsc#1266209), golang.org/x/net/html (bsc#1267195), golang.org/x/net/idna (bsc#1266793), golang.org/x/net/http2 (bsc#1265919). - Update to version 2.27.1: * Downgrade google lib to avoid min Go version bump (#1687) * Downgrade the jsonschema dep to v0.13.0 due to incompatibility with anthropick-sdk-go (#1686) * Update all dependencies (#1685) * Downgrade the github.com/invopop/jsonschema v0.13.0 to solve incopatibility with anthropic-sdk (#1683) * Update all dependencies (#1682) * Update vulnerabilities alerts for indirect dependencies * Pin dependencies (#1681) * Skip pining for my repos * Update renovate configuration * Fix typo * Update branch config in renovate config * Migrate config renovate.json (#1678) * Update renovate to refresh the branch creation * Update the renovate branch prefix * Update renovate config to pin the actions dependencies by digests (#1676) * Migrate the html remport to react v19. (#1675) * Manually update version to fix renovate (#1674) * feat: integrate Atlas Cloud provider (#1672) * Refactor error position parsing to support path with colon. (#1673) * Add two options to require rule ID and justificaiton for inline annotations (#1671) * Fix false positive in G118 when cancel is stored in a slice/map (#1670) * chore(go): update supported Go versions to 1.25.10 and 1.26.3 (#1669) * Harden the github workflows and action (#1665) * Fix justification delimiter in annotation format doc (#1661) * Update all dependencies (#1664) * Update action to use gosec version v2.26.1 (#1660) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-244=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): gosec-2.27.1-bp157.2.9.1 References: https://bugzilla.suse.com/1265919 https://bugzilla.suse.com/1266209 https://bugzilla.suse.com/1266793 https://bugzilla.suse.com/1267195 . This update for openSUSE addresses important issues in gosec with multiple security fixes and updates to dependencies.. openSUSE security,gosec update,system integrity fixes,security updates,important issues. . LinuxSecurity.com Team
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for enc ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0245-1 Rating: important References: #1265533 Cross-References: CVE-2026-1229 CVSS scores: CVE-2026-1229 (SUSE): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for enc fixes the following issues: - CVE-2026-1229: Fix incorrect value produced by CombinedMult() in ecc/p384 (boo#1265533) Bump circl to 1.6.3 - Update to 1.1.5: * Update dependencies #10 - Update to 1.1.4: * Update all dependencies #9 - Update to 1.1.3: * Fix typo in README #7 * Update all dependencies #8 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-245=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): enc-1.1.5-bp157.2.3.1 References: https://www.suse.com/security/cve/CVE-2026-1229.html https://bugzilla.suse.com/1265533 . openSUSE releases a critical update for enc addressing CVE-2026-1229, impacting system performance and security.. openSUSE enc patch enc security critical update. . LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for python-mistune Announcement ID: SUSE-SU-2026:2949-1 Release Date: 2026-07-14T09:23:51Z Rating: moderate References: * bsc#1265052 Cross-References: * CVE-2026-44898 CVSS scores: * CVE-2026-44898 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44898 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44898 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-mistune fixes the following issue * CVE-2026-44898: improper sanitization of user-supplied HTML input in `render_toc_ul` can lead to XSS (bsc#1265052). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2949=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2949=1 ## Package List: * Python 3 Module 15-SP7 (noarch) * python311-mistune-2.0.5-150400.11.8.1 * openSUSE Leap 15.4 (noarch) * python311-mistune-2.0.5-150400.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44898.html * https://bugzilla.suse.com/show_bug.cgi?id=1265052 . A security update for python-mistune addresses a moderate severity XSS vulnerability in openSUSE. Install now!. Python Mistune, openSUSE Advisory, XSS Threat, Moderate Severity Update. . LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for krb5 Announcement ID: SUSE-SU-2026:2954-1 Release Date: 2026-07-14T09:57:42Z Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issue * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2954=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2954=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2954=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2954=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2954=1 * SUSE LinuxEnterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2954=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2954=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2954=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2954=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-mini-debugsource-1.19.2-150400.3.24.1 * krb5-plugin-preauth-spake-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-mini-debuginfo-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-mini-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-client-debuginfo-1.19.2-150400.3.24.1 *krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-mini-devel-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-64bit-1.19.2-150400.3.24.1 * krb5-64bit-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-32bit-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 *krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 ## References: *https://www.suse.com/security/cve/CVE-2026-11850.html * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . An important update for openSUSE addressing heap overflow issues in krb5 is now available, resolving CVE-2026-11850.. openSUSE security patch, krb5 update, CVE-2026-11850, important advisory. . LinuxSecurity.com Team
An update that can now be installed.. # Security update for buildah Announcement ID: SUSE-SU-2026:2964-1 Release Date: 2026-07-14T11:09:44Z Rating: important References: Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that can now be installed. ## Description: This update for buildah rebuilds it against the current go security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2964=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2964=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2964=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2964=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2964=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.70.1 . This update for buildah applies important security fixes for openSUSE Leap 15.4 and other SUSE Linux distributions.. openSUSE security, buildah update, Linux security patch. . LinuxSecurity.com Team
An update that can now be installed.. # Security update for kubernetes-old Announcement ID: SUSE-SU-2026:2965-1 Release Date: 2026-07-14T11:10:09Z Rating: important References: Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for kubernetes-old rebuilds it against the current go security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2965=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2965=1 ## Package List: * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kubernetes1.33-client-1.33.11-150600.13.34.1 * kubernetes1.33-client-common-1.33.11-150600.13.34.1 * Containers Module 15-SP7 (noarch) * kubernetes1.33-client-bash-completion-1.33.11-150600.13.34.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.33-client-1.33.11-150600.13.34.1 * kubernetes1.33-client-common-1.33.11-150600.13.34.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.33-client-fish-completion-1.33.11-150600.13.34.1 * kubernetes1.33-client-bash-completion-1.33.11-150600.13.34.1 . Critical security update for kubernetes-old on openSUSE addressing recent vulnerabilities with installation instructions.. SUSE Linux Enterprise, kubernetes-old update, openSUSE Leap, Containers Module, go security. . LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for python-Authlib Announcement ID: SUSE-SU-2026:2968-1 Release Date: 2026-07-14T11:15:55Z Rating: moderate References: * bsc#1263114 * bsc#1266665 Cross-References: * CVE-2026-41425 * CVE-2026-44681 CVSS scores: * CVE-2026-41425 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-41425 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-41425 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Authlib fixes the following issues * CVE-2026-41425: no CSRF protection on the cache feature in `authlib.integrations.starlette_client.OAuth` (bsc#1263114). * CVE-2026-44681: unauthenticated open redirect in the `OpenIDImplicitGrant` and `OpenIDHybridGrant` authorization endpoints (bsc#1266665). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2968=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2968=1 ## Package List: * Python 3 Module 15-SP7 (noarch) * python311-Authlib-1.3.1-150600.3.22.1 * openSUSE Leap 15.6 (noarch) * python311-Authlib-1.3.1-150600.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41425.html *https://www.suse.com/security/cve/CVE-2026-44681.html * https://bugzilla.suse.com/show_bug.cgi?id=1263114 * https://bugzilla.suse.com/show_bug.cgi?id=1266665 . This update for python-Authlib addresses two moderate issues including CSRF protection and open redirect risks.. python-Authlib update, security patch, openSUSE vulnerabilities. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.