openSUSE Security Updates Address Critical Vulnerabilities in Perl Packages

openSUSE released security updates for two critical vulnerabilities affecting Perl packages. CVE-2026-8829, published on 2026-06-04, involves a moderate memory issue in perl-HTML-Parser, potentially allowing unauthorized memory access. CVE-2026-8450, published on 2026-05-27, allows OS command injection in perl-HTTP-Daemon, posing a significant risk to systems running affected versions. Users of openSUSE Leap 16.0 are advised to apply the updates using YaST online_update or 'zypper patch'. The vulnerabilities affect versions prior to the patched releases, with specific commands provided for remediation. The updates are crucial for maintaining system integrity and security against potential exploitation.

Key Points: • CVE-2026-8829 affects perl-HTML-Parser, allowing unauthorized memory access. • CVE-2026-8450 enables OS command injection in perl-HTTP-Daemon. • Users are urged to apply security updates immediately to mitigate risks.