SUSE Package Hub - SUSE Package Hub Updates

Update ID	Severity	Type	Issued	Description	Packages
SUSE-PackageHub-16.0-packagehub-171	critical	security	2026-03-18	This update for python-Authlib fixes the following issues: Changes in python-Authlib: - CVE-2026-27962: JWS `deserialize_compact()` allows for signature bypass by accepting user-controlled embedde ...	python-Authlib-1.5.2-bp160.3.1
SUSE-PackageHub-16.0-packagehub-170	important	security	2026-03-18	This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.8.1 ESR * Add mail.openpgp.load_untested_gpgme_version to load untested ...	MozillaThunderbird-140.8.1-bp160.1.1
SUSE-PackageHub-16.0-408	moderate	security	2026-03-18	This update for protobuf fixes the following issues: Security fixes: - CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or message ...	protobuf-java-28.3-160000.3.1
SUSE-PackageHub-16.0-407	important	recommended	2026-03-18	This update for gcc15 fixes the following issues: Changes in gcc15: - Fixed bogus expression simplification (bsc#1257463)	cross-aarch64-gcc15-15.2.0+git10201-160000.2.1 cross-aarch64-gcc15-bootstrap-15.2.0+git10201-160000.2.1 cross-arm-gcc15-15.2.0+git10201-160000.2.1 cross-hppa-gcc15-bootstrap-15.2.0+git10201-160000.2.1 cross-ppc64le-gcc15-15.2.0+git10201-160000.2.1 cross-ppc64le-gcc15-bootstrap-15.2.0+git10201-160000.2.1 cross-riscv64-gcc15-15.2.0+git10201-160000.2.1 cross-riscv64-gcc15-bootstrap-15.2.0+git10201-160000.2.1 gcc15-15.2.0+git10201-160000.2.1 gcc15-testresults-15.2.0+git10201-160000.2.1 ...
SUSE-PackageHub-16.0-406	important	security	2026-03-18	This update for postgresql17 fixes the following issues: - Update to version 17.9. (bsc#1258754) - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector (bsc#1258008) - CVE-2026- ...	postgresql17-17.9-160000.1.1
SUSE-PackageHub-16.0-404	moderate	security	2026-03-18	This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates (bsc#1258542) - CVE-202 ...	cosign-3.0.5-160000.1.1
SUSE-PackageHub-16.0-403	important	security	2026-03-18	This update for libjxl fixes the following issues: Update to libjxl 0.11.2: - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory ...	libjxl-0.11.2-160000.1.1
SUSE-PackageHub-16.0-216	important	security	2026-03-18	This update for postgresql17 and postgresql18 fixes the following issues: Changes in postgresql17, postgresql18: Update to 17.7: * https://www.postgresql.org/about/news/p-3171/ * https://www.postgr ...	postgresql-18-160000.1.1 postgresql17-17.7-160000.1.1 postgresql18-18.1-160000.1.2
openSUSE-2026-88	critical	security	2026-03-18	This update for krb5-appl fixes the following issues: - CVE-2026-32746: Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd LINEMODE (boo#1259691)	krb5-appl-1.0.3-bp157.2.3.1
openSUSE-2026-87	important	security	2026-03-18	This update for python-simpleeval fixes the following issues: - CVE-2026-32640: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox (boo#1259685)	python-simpleeval-0.9.13-bp157.2.3.1

critical

security

2026-03-18

This update for python-Authlib fixes the following issues: Changes in python-Authlib: - CVE-2026-27962: JWS `deserialize_compact()` allows for signature bypass by accepting user-controlled embedde ...

python-Authlib-1.5.2-bp160.3.1

SUSE-PackageHub-16.0-packagehub-170

important

security

2026-03-18

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.8.1 ESR * Add mail.openpgp.load_untested_gpgme_version to load untested ...

MozillaThunderbird-140.8.1-bp160.1.1

SUSE-PackageHub-16.0-408

moderate

security

2026-03-18

This update for protobuf fixes the following issues: Security fixes: - CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or message ...

protobuf-java-28.3-160000.3.1

SUSE-PackageHub-16.0-407

important

recommended

2026-03-18

This update for gcc15 fixes the following issues: Changes in gcc15: - Fixed bogus expression simplification (bsc#1257463)

cross-aarch64-gcc15-15.2.0+git10201-160000.2.1
cross-aarch64-gcc15-bootstrap-15.2.0+git10201-160000.2.1
cross-arm-gcc15-15.2.0+git10201-160000.2.1
cross-hppa-gcc15-bootstrap-15.2.0+git10201-160000.2.1
cross-ppc64le-gcc15-15.2.0+git10201-160000.2.1
cross-ppc64le-gcc15-bootstrap-15.2.0+git10201-160000.2.1
cross-riscv64-gcc15-15.2.0+git10201-160000.2.1
cross-riscv64-gcc15-bootstrap-15.2.0+git10201-160000.2.1
gcc15-15.2.0+git10201-160000.2.1
gcc15-testresults-15.2.0+git10201-160000.2.1
...

SUSE-PackageHub-16.0-406

important

security

2026-03-18

This update for postgresql17 fixes the following issues: - Update to version 17.9. (bsc#1258754) - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector (bsc#1258008) - CVE-2026- ...

postgresql17-17.9-160000.1.1

SUSE-PackageHub-16.0-404

moderate

security

2026-03-18

This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates (bsc#1258542) - CVE-202 ...

cosign-3.0.5-160000.1.1

SUSE-PackageHub-16.0-403

important

security

2026-03-18

This update for libjxl fixes the following issues: Update to libjxl 0.11.2: - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory ...

libjxl-0.11.2-160000.1.1

SUSE-PackageHub-16.0-216

important

security

2026-03-18

This update for postgresql17 and postgresql18 fixes the following issues: Changes in postgresql17, postgresql18: Update to 17.7: * https://www.postgresql.org/about/news/p-3171/ * https://www.postgr ...

postgresql-18-160000.1.1
postgresql17-17.7-160000.1.1
postgresql18-18.1-160000.1.2

openSUSE-2026-88

critical

security

2026-03-18

This update for krb5-appl fixes the following issues: - CVE-2026-32746: Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd LINEMODE (boo#1259691)

krb5-appl-1.0.3-bp157.2.3.1

openSUSE-2026-87

important

security

2026-03-18

This update for python-simpleeval fixes the following issues: - CVE-2026-32640: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox (boo#1259685)

python-simpleeval-0.9.13-bp157.2.3.1