SUSE Package Hub - SUSE Package Hub Updates

Update ID	Severity	Type	Issued	Description	Packages
openSUSE-2026-200	important	security	2026-06-10	This update for NetworkManager-libreswan fixes the following issues: - Update to version 1.2.24 (boo#1232040): + Fixed formatting of ipsec.conf snippet. This is a security issue with severity o ...	NetworkManager-libreswan-1.2.24-bp157.3.3.1
openSUSE-2026-199	critical	security	2026-06-10	This update for rclone fixes the following issues: - Update to version 1.74.3: (boo#1267869) - Bug Fixes - rc - Fix unauthenticated command execution via --rc-serve inline remotes ...	rclone-1.74.3-bp157.2.9.1
openSUSE-2026-198	critical	security	2026-06-10	This update for kanidm fixes the following issues: - Update to version 1.10.2~git0.f3dc9ef1f: * Release 1.10.2 * Security - CRITICAL - authenticated user privilege escalation * Refactor modific ...	kanidm-1.10.2~git0.f3dc9ef1f-bp156.64.1
SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2318	important	security	2026-06-09	This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in `django.http.HttpRequest.get_signed_cookie` (bsc#1267578). - CVE-2026-7666: potenti ...	python-Django-4.2.11-150600.3.59.1
SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2309	low	security	2026-06-09	This update for podofo fixes the following issue: - CVE-2026-44348: double-free in `compute_hash_to_sign()` in `src/podofo/private/OpenSSLInternal_Ripped.cpp` (bsc#1265320).	podofo-1.0.2-150700.3.6.1
SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2308	important	security	2026-06-09	This update for netty, netty-tcnative fixes the following issues - CVE-2026-41417: missing validations leads to HTTP request smuggling and RTSP request injection via start-line injection in `Defaul ...	netty-4.1.133-150200.4.46.1
SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2306	important	security	2026-06-09	This update for perl-Protocol-HTTP2 fixes the following issue - CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit (HTTP/2 Bomb attack) (bsc#1267857).	perl-Protocol-HTTP2-1.10-150600.3.3.1
SUSE-PackageHub-16.0-909	moderate	recommended	2026-06-09	This update for python-pycomposefile fixes the following issues: Changes in python-pycomposefile: - Update to version 0.0.34 * Add comprehensive test coverage for KVP splitting with multiple equal ...	python-pycomposefile-0.0.34-160000.1.1
openSUSE-2026-197	moderate	recommended	2026-06-09	This update for ansible-sap-launchpad fixes the following issues: - 1.3.2 - Bugfixes: - all - Replace inject vars with ansible_facts for 2.20	ansible-sap-launchpad-1.3.2-bp156.13.1
openSUSE-2026-196	moderate	recommended	2026-06-09	This update for ansible-sap-launchpad fixes the following issues: - 1.3.2 - Bugfixes: - all - Replace inject vars with ansible_facts for 2.20	ansible-sap-launchpad-1.3.2-bp157.2.9.1

openSUSE-2026-200

important

security

2026-06-10

This update for NetworkManager-libreswan fixes the following issues: - Update to version 1.2.24 (boo#1232040): + Fixed formatting of ipsec.conf snippet. This is a security issue with severity o ...

NetworkManager-libreswan-1.2.24-bp157.3.3.1

openSUSE-2026-199

critical

security

2026-06-10

This update for rclone fixes the following issues: - Update to version 1.74.3: (boo#1267869) - Bug Fixes - rc - Fix unauthenticated command execution via --rc-serve inline remotes ...

rclone-1.74.3-bp157.2.9.1

openSUSE-2026-198

critical

security

2026-06-10

This update for kanidm fixes the following issues: - Update to version 1.10.2~git0.f3dc9ef1f: * Release 1.10.2 * Security - CRITICAL - authenticated user privilege escalation * Refactor modific ...

kanidm-1.10.2~git0.f3dc9ef1f-bp156.64.1

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2318

important

security

2026-06-09

This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in `django.http.HttpRequest.get_signed_cookie` (bsc#1267578). - CVE-2026-7666: potenti ...

python-Django-4.2.11-150600.3.59.1

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2309

low

security

2026-06-09

This update for podofo fixes the following issue: - CVE-2026-44348: double-free in `compute_hash_to_sign()` in `src/podofo/private/OpenSSLInternal_Ripped.cpp` (bsc#1265320).

podofo-1.0.2-150700.3.6.1

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2308

important

security

2026-06-09

This update for netty, netty-tcnative fixes the following issues - CVE-2026-41417: missing validations leads to HTTP request smuggling and RTSP request injection via start-line injection in `Defaul ...

netty-4.1.133-150200.4.46.1

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2306

important

security

2026-06-09

This update for perl-Protocol-HTTP2 fixes the following issue - CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit (HTTP/2 Bomb attack) (bsc#1267857).

perl-Protocol-HTTP2-1.10-150600.3.3.1

SUSE-PackageHub-16.0-909

moderate

recommended

2026-06-09

This update for python-pycomposefile fixes the following issues: Changes in python-pycomposefile: - Update to version 0.0.34 * Add comprehensive test coverage for KVP splitting with multiple equal ...

python-pycomposefile-0.0.34-160000.1.1

openSUSE-2026-197

moderate

recommended

2026-06-09

This update for ansible-sap-launchpad fixes the following issues: - 1.3.2 - Bugfixes: - all - Replace inject vars with ansible_facts for 2.20

ansible-sap-launchpad-1.3.2-bp156.13.1

openSUSE-2026-196

moderate

recommended

2026-06-09

This update for ansible-sap-launchpad fixes the following issues: - 1.3.2 - Bugfixes: - all - Replace inject vars with ansible_facts for 2.20

ansible-sap-launchpad-1.3.2-bp157.2.9.1