suse-sles-15-sp5-v20260506-hvm-ssd-x86_64 Package Source Changes

kernel-default

- crypto: authencesn - Fix src offset when decrypting in-place
  (bsc#1262573 CVE-2026-31431).
- commit 86cbba3

- crypto: authencesn - Do not place hiseq at end of dst for
  out-of-place decryption (bsc#1262573 CVE-2026-31431).
- commit d00ea08

- crypto: authenc - use memcpy_sglist() instead of null skcipher
  (bsc#1262573 CVE-2026-31431).
- Refresh
  patches.suse/crypto-authencesn-reject-too-short-AAD-assoclen-8-to.patch
- commit 8439d6a

- kABI: Restore af_alg_{count,pull}_tsgl() signatures (bsc#1262573
  CVE-2026-31431).
- commit 3c6e00a

- crypto: algif_aead - Revert to operating out-of-place
  (bsc#1262573 CVE-2026-31431).
- commit 402e84d

- crypto: algif_aead - use memcpy_sglist() instead of null skcipher
  (bsc#1262573 CVE-2026-31431).
- commit f620cf3

- crypto: scatterwalk - Fix memcpy_sglist() to always succeed
  (bsc#1262573 CVE-2026-31431).
- commit 8814cb0

- crypto: scatterwalk - Add memcpy_sglist (bsc#1262573
  CVE-2026-31431).
- commit e081d55

python-certifi

- Add python36-certifi provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-idna

- Add python36-idna provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-packaging

- Add python36-packaging provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-ply

- Add python36-ply provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-pycparser

- Add python36-pycparser provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-py

- Add python36-py provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-requests

- CVE-2026-25645: `extract_zipped_paths()` uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation (bsc#1260589)
  Add patch CVE-2026-25645.patch

- Add python36- provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-six

- Add python36-six provides/obsoletes to enable SLE-12 ->
  SLE-15 migration, bsc#1233012

python-urllib3

- fix regression in CVE-2025-66471.patch when downloading large files
  (bsc#1259829)

sed

- Add CVE-2026-5958.patch
  * Fix CVE-2026-5958 (bsc#1262144):
    A TOCTOU race can allow to read attacker-controlled content and write
    it to an unintended file

000release-packages:sle-module-basesystem-release

n/a

000release-packages:sle-module-containers-release

n/a

000release-packages:sle-module-desktop-applications-release

n/a

000release-packages:sle-module-development-tools-release

n/a

000release-packages:sle-module-public-cloud-release

n/a

000release-packages:sle-module-python3-release

n/a

000release-packages:sle-module-server-applications-release

n/a

000release-packages:sle-module-web-scripting-release

n/a

xen

- bsc#1262428 - VUL-0: CVE-2025-54505: xen: Floating Point Divider
  State Sampling on AMD CPUs AMD-SN-7053 (XSA-488)
  xsa488.patch

- bsc#1262178 - VUL-0: CVE-2026-23557: xen: Xenstored DoS via
  XS_RESET_WATCHES command (XSA-484)
  xsa484.patch
- bsc#1262180 - VUL-0: CVE-2026-23558: xen: grant table v2 race in
  status page mapping (XSA-486)
  xsa486.patch