SLES

SLES 12 — libgcrypt20 — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libgcrypt20 — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:254-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33560 CVE-2024-2236 CVE-2013-4242 CVE-2014-3591 CVE-2015-0837 CVE-2015-7511 CVE-2016-6313 CVE-2017-9526  +2 more Upstream summary: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks […]

Read more
SLES 16 — shadow — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — shadow — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2026:1228-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-4235 CVE-2018-7169 CVE-2023-29383 Upstream summary: shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Table of contents Symptom & Impact Environment & […]

Read more
SLES 12 — libproxy1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libproxy1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:518-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25219 CVE-2020-26154 CVE-2012-4504 Upstream summary: url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response […]

Read more
SLES 15 — espeak-ng — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — espeak-ng — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2632-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49990 CVE-2023-49991 CVE-2023-49992 CVE-2023-49993 CVE-2023-49994 Upstream summary: Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. Table of contents Symptom […]

Read more
SLES 12 — libslurm39 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libslurm39 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0280-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49935 Upstream summary: An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. […]

Read more
SLES 15 — python311-Flask-Security-Too — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python311-Flask-Security-Too — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-49438 Upstream summary: An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted […]

Read more
SLES 12 — python-tornado — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — python-tornado — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:2913-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-28370 CVE-2014-9720 Upstream summary: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary […]

Read more
SLES 16 — graphite2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — graphite2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0779-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1521 CVE-2017-5436 CVE-2018-7999 Upstream summary: The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox […]

Read more
SLES 15 — m4 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — m4 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1329-1 (see also SUSE bugzilla) Related CVEs: CVE-2009-4029 Upstream summary: The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution […]

Read more
SLES 16 — gsasl — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — gsasl — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3561-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2469 Upstream summary: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

Read more
CHAT