SUSE-SU-2026:1411-1
Vulnerability Summary
Timeline
Description
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files (bsc#1258097). - CVE-2026-33186: fix authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header (bsc#1260218)
Affected Systems
- opensuse•terraform-provider-local&distro=openSUSE Leap 15.6
< 2.0.0-150200.6.8.1
- opensuse•terraform-provider-null&distro=openSUSE Leap 15.6
< 3.0.0-150200.6.12.1
- opensuse•terraform-provider-random&distro=openSUSE Leap 15.6
< 3.0.0-150200.6.6.2
- opensuse•terraform-provider-tls&distro=openSUSE Leap 15.6
< 3.0.0-150200.5.6.2
- suse•terraform-provider-local&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
< 2.0.0-150200.6.8.1
- suse•terraform-provider-local&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
< 2.0.0-150200.6.8.1
- suse•terraform-provider-null&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
< 3.0.0-150200.6.12.1
- suse•terraform-provider-null&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
< 3.0.0-150200.6.12.1
- suse•terraform-provider-random&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
< 3.0.0-150200.6.6.2
- suse•terraform-provider-random&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
< 3.0.0-150200.6.6.2
- suse•terraform-provider-tls&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
< 3.0.0-150200.5.6.2
- suse•terraform-provider-tls&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
< 3.0.0-150200.5.6.2