SUSE-SU-2025:03243-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202503243-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03243-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:03243-1
Upstream
Related
Published
2025-09-17T10:24:10Z
Modified
2025-09-18T20:01:25.621416Z
Summary
Security update for nginx
Details

This update for nginx fixes the following issues:

  • CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process (bsc#1248070).
  • CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 (bsc#1236851).
References

Affected packages