SUSE Package Hub - SUSE Package Hub Updates

Update ID	Severity	Type	Issued	Description	Packages
SUSE-PackageHub-16.0-628	important	security	2026-04-22	This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes one security issue The following security issue was fixed: - CVE-2026-23268: apparmor: fix unprivileged local user can do p ...	kernel-livepatch-SLE16-RT_Update_6-2-160000.1.1
SUSE-PackageHub-16.0-626	moderate	recommended	2026-04-22	This update for pf-bb-config fixes the following issues: - Update to 25.11 (jsc#PED-16050): * No actual code change. * Removing configuration files in PF mode to avoid confusion since default ...	pf-bb-config-25.11-160000.1.1
SUSE-PackageHub-16.0-625	important	security	2026-04-22	This update for libcap fixes the following issues: - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in `cap_set_file()` (bsc#1261809).	libcap-2.73-160000.3.1
SUSE-PackageHub-16.0-622	important	security	2026-04-22	This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257922).	librsvg-2.60.2-160000.2.1
SUSE-PackageHub-16.0-621	important	security	2026-04-22	This update for google-guest-agent fixes the following issues: Update to version 20250506.01 (bsc#1243254, bsc#1243505). Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of ...	google-guest-agent-20250506.01-160000.1.1
SUSE-PackageHub-16.0-619	important	security	2026-04-22	This update for erlang fixes the following issues: Security issues fixed: - CVE-2026-21620: improper isolation and compartmentalization can lead to TFTP relative path traversal and remote arbitrar ...	erlang-27.1.3-160000.4.1
SUSE-PackageHub-16.0-618	important	security	2026-04-22	This update for ImageMagick fixes the following issues: - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can lead to a crash (bsc#1259612). - CVE- ...	ImageMagick-7.1.2.0-160000.8.1
SUSE-PackageHub-16.0-617	important	security	2026-04-22	This update for openexr fixes the following issues: - CVE-2026-34379: misaligned memory write during file decoding can cause a denial of service (bsc#1261621). - CVE-2026-34380: lack of proper check ...	openexr-3.2.2-160000.6.1
SUSE-PackageHub-16.0-616	important	security	2026-04-22	This update for sudo fixes the following issues: - CVE-2026-35535: unhandled failure of `setuid`, `setgid` or `setgroups` calls during a mailer privilege drop allows for local privilege escalation ...	sudo-1.9.17p1-160000.3.1
SUSE-PackageHub-16.0-612	moderate	security	2026-04-22	This update for giflib fixes the following issue: - CVE-2026-23868: double-free result of a shallow copy can lead to memory corruption (bsc#1259502).	giflib-5.2.2-160000.3.1

important

security

2026-04-22

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes one security issue The following security issue was fixed: - CVE-2026-23268: apparmor: fix unprivileged local user can do p ...

kernel-livepatch-SLE16-RT_Update_6-2-160000.1.1

SUSE-PackageHub-16.0-626

moderate

recommended

2026-04-22

This update for pf-bb-config fixes the following issues: - Update to 25.11 (jsc#PED-16050): * No actual code change. * Removing configuration files in PF mode to avoid confusion since default ...

pf-bb-config-25.11-160000.1.1

SUSE-PackageHub-16.0-625

important

security

2026-04-22

This update for libcap fixes the following issues: - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in `cap_set_file()` (bsc#1261809).

libcap-2.73-160000.3.1

SUSE-PackageHub-16.0-622

important

security

2026-04-22

This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257922).

librsvg-2.60.2-160000.2.1

SUSE-PackageHub-16.0-621

important

security

2026-04-22

This update for google-guest-agent fixes the following issues: Update to version 20250506.01 (bsc#1243254, bsc#1243505). Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of ...

google-guest-agent-20250506.01-160000.1.1

SUSE-PackageHub-16.0-619

important

security

2026-04-22

This update for erlang fixes the following issues: Security issues fixed: - CVE-2026-21620: improper isolation and compartmentalization can lead to TFTP relative path traversal and remote arbitrar ...

erlang-27.1.3-160000.4.1

SUSE-PackageHub-16.0-618

important

security

2026-04-22

This update for ImageMagick fixes the following issues: - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can lead to a crash (bsc#1259612). - CVE- ...

ImageMagick-7.1.2.0-160000.8.1

SUSE-PackageHub-16.0-617

important

security

2026-04-22

This update for openexr fixes the following issues: - CVE-2026-34379: misaligned memory write during file decoding can cause a denial of service (bsc#1261621). - CVE-2026-34380: lack of proper check ...

openexr-3.2.2-160000.6.1

SUSE-PackageHub-16.0-616

important

security

2026-04-22

This update for sudo fixes the following issues: - CVE-2026-35535: unhandled failure of `setuid`, `setgid` or `setgroups` calls during a mailer privilege drop allows for local privilege escalation ...

sudo-1.9.17p1-160000.3.1

SUSE-PackageHub-16.0-612

moderate

security

2026-04-22

This update for giflib fixes the following issue: - CVE-2026-23868: double-free result of a shallow copy can lead to memory corruption (bsc#1259502).

giflib-5.2.2-160000.3.1