SUSE-SU-2026:20607-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202620607-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20607-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2026:20607-1
- Upstream
- Related
- Published
- 2026-02-18T16:23:27Z
- Modified
- 2026-03-23T04:53:04.111495Z
- Summary
- Security update for openssl-3-livepatches
- Details
-
This update for openssl-3-livepatches fixes the following issues:
- CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).
- CVE-2025-15467: Fixed stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).
- CVE-2025-15468: Fixed NULL dereference in SSLCIPHERfind() function on unknown cipher ID (bsc#1256880).
- CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK Unwrap (bsc#1250410).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202620607-1/
- https://bugzilla.suse.com/1250410
- https://bugzilla.suse.com/1256876
- https://bugzilla.suse.com/1256878
- https://bugzilla.suse.com/1256880
- https://www.suse.com/security/cve/CVE-2025-11187
- https://www.suse.com/security/cve/CVE-2025-15467
- https://www.suse.com/security/cve/CVE-2025-15468
- https://www.suse.com/security/cve/CVE-2025-9230
Affected packages
SUSE:Linux Enterprise Server 16.0 / openssl-3-livepatches
Package
- Name
- openssl-3-livepatches
- Purl
- pkg:rpm/suse/openssl-3-livepatches&distro=SUSE%20Linux%20Enterprise%20Server%2016.0