OpenJPEG2, OpenJDK, Python, and more updates for SUSE

SUSE 5545 Published by

Several security updates have been released for SUSE Linux. These updates include patches for openjpeg2, assertj-core, python311-sse-starlette, java-25-openjdk, and abseil-cpp, among others. The severity of these updates ranges from low to moderate. Users are advised to review the individual update details to ensure they have taken necessary steps to secure their systems.

SUSE-SU-2026:0330-1: low: Security update for openjpeg2
openSUSE-SU-2026:10106-1: moderate: assertj-core-3.27.7-1.1 on GA media
openSUSE-SU-2026:10109-1: moderate: python311-sse-starlette-3.2.0-1.1 on GA media
openSUSE-SU-2026:10108-1: moderate: java-25-openjdk-25.0.2.0-1.1 on GA media
SUSE-SU-2026:0337-1: moderate: Security update for python
SUSE-SU-2026:0334-1: low: Security update for libxml2
SUSE-SU-2026:0338-1: moderate: Security update for abseil-cpp
SUSE-SU-2026:0332-1: moderate: Security update for openssl-1_0_0




SUSE-SU-2026:0330-1: low: Security update for openjpeg2


# Security update for openjpeg2

Announcement ID: SUSE-SU-2026:0330-1
Release Date: 2026-01-28T16:27:19Z
Rating: low
References:

* bsc#1227412

Cross-References:

* CVE-2023-39327

CVSS scores:

* CVE-2023-39327 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-39327 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-39327 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for openjpeg2 fixes the following issues:

* CVE-2023-39327: Fixed malicious files can cause a large loop that
continuously prints warning messages on the terminal (bsc#1227412).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-330=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-330=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-330=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* openjpeg2-debugsource-2.3.0-150000.3.24.1
* openjpeg2-devel-2.3.0-150000.3.24.1
* libopenjp2-7-debuginfo-2.3.0-150000.3.24.1
* libopenjp2-7-2.3.0-150000.3.24.1
* openjpeg2-2.3.0-150000.3.24.1
* openjpeg2-debuginfo-2.3.0-150000.3.24.1
* openSUSE Leap 15.6 (x86_64)
* libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.24.1
* libopenjp2-7-32bit-2.3.0-150000.3.24.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* openjpeg2-debugsource-2.3.0-150000.3.24.1
* openjpeg2-devel-2.3.0-150000.3.24.1
* libopenjp2-7-debuginfo-2.3.0-150000.3.24.1
* libopenjp2-7-2.3.0-150000.3.24.1
* openjpeg2-2.3.0-150000.3.24.1
* openjpeg2-debuginfo-2.3.0-150000.3.24.1
* SUSE Package Hub 15 15-SP7 (x86_64)
* libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.24.1
* libopenjp2-7-32bit-2.3.0-150000.3.24.1

## References:

* https://www.suse.com/security/cve/CVE-2023-39327.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227412



openSUSE-SU-2026:10106-1: moderate: assertj-core-3.27.7-1.1 on GA media


# assertj-core-3.27.7-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10106-1
Rating: moderate

Cross-References:

* CVE-2026-24400

CVSS scores:

* CVE-2026-24400 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2026-24400 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the assertj-core-3.27.7-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* assertj-core 3.27.7-1.1
* assertj-core-javadoc 3.27.7-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-24400.html



openSUSE-SU-2026:10109-1: moderate: python311-sse-starlette-3.2.0-1.1 on GA media


# python311-sse-starlette-3.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10109-1
Rating: moderate

Cross-References:

* CVE-2025-62727

CVSS scores:

* CVE-2025-62727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-62727 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-sse-starlette-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-sse-starlette 3.2.0-1.1
* python312-sse-starlette 3.2.0-1.1
* python313-sse-starlette 3.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-62727.html



openSUSE-SU-2026:10108-1: moderate: java-25-openjdk-25.0.2.0-1.1 on GA media


# java-25-openjdk-25.0.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10108-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21932
* CVE-2026-21933
* CVE-2026-21945

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-25-openjdk-25.0.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-25-openjdk 25.0.2.0-1.1
* java-25-openjdk-demo 25.0.2.0-1.1
* java-25-openjdk-devel 25.0.2.0-1.1
* java-25-openjdk-headless 25.0.2.0-1.1
* java-25-openjdk-javadoc 25.0.2.0-1.1
* java-25-openjdk-jmods 25.0.2.0-1.1
* java-25-openjdk-src 25.0.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21932.html
* https://www.suse.com/security/cve/CVE-2026-21933.html
* https://www.suse.com/security/cve/CVE-2026-21945.html



SUSE-SU-2026:0337-1: moderate: Security update for python


# Security update for python

Announcement ID: SUSE-SU-2026:0337-1
Release Date: 2026-01-29T10:34:35Z
Rating: moderate
References:

* bsc#1257064

Cross-References:

* CVE-2025-6075

CVSS scores:

* CVE-2025-6075 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( NVD ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for python fixes the following issues:

* Modified CVE-2025-6075 fix to not use `re.ASCII` flag (not available in
Python 2.7) (bsc#1257064).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-337=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-337=1

## Package List:

* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* python-xml-debuginfo-2.7.18-150000.99.1
* libpython2_7-1_0-2.7.18-150000.99.1
* python-base-debugsource-2.7.18-150000.99.1
* python-xml-2.7.18-150000.99.1
* python-base-2.7.18-150000.99.1
* python-curses-2.7.18-150000.99.1
* python-debuginfo-2.7.18-150000.99.1
* python-base-debuginfo-2.7.18-150000.99.1
* python-curses-debuginfo-2.7.18-150000.99.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.99.1
* python-gdbm-2.7.18-150000.99.1
* python-2.7.18-150000.99.1
* python-debugsource-2.7.18-150000.99.1
* python-gdbm-debuginfo-2.7.18-150000.99.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-xml-debuginfo-2.7.18-150000.99.1
* python-idle-2.7.18-150000.99.1
* libpython2_7-1_0-2.7.18-150000.99.1
* python-base-debugsource-2.7.18-150000.99.1
* python-demo-2.7.18-150000.99.1
* python-devel-2.7.18-150000.99.1
* python-xml-2.7.18-150000.99.1
* python-base-2.7.18-150000.99.1
* python-curses-2.7.18-150000.99.1
* python-debuginfo-2.7.18-150000.99.1
* python-base-debuginfo-2.7.18-150000.99.1
* python-curses-debuginfo-2.7.18-150000.99.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.99.1
* python-gdbm-2.7.18-150000.99.1
* python-2.7.18-150000.99.1
* python-tk-2.7.18-150000.99.1
* python-tk-debuginfo-2.7.18-150000.99.1
* python-debugsource-2.7.18-150000.99.1
* python-gdbm-debuginfo-2.7.18-150000.99.1
* openSUSE Leap 15.6 (x86_64)
* python-base-32bit-2.7.18-150000.99.1
* python-32bit-2.7.18-150000.99.1
* python-base-32bit-debuginfo-2.7.18-150000.99.1
* python-32bit-debuginfo-2.7.18-150000.99.1
* libpython2_7-1_0-32bit-2.7.18-150000.99.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.99.1
* openSUSE Leap 15.6 (noarch)
* python-doc-pdf-2.7.18-150000.99.1
* python-doc-2.7.18-150000.99.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257064



SUSE-SU-2026:0334-1: low: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2026:0334-1
Release Date: 2026-01-29T10:01:40Z
Rating: low
References:

* bsc#1256805

Cross-References:

* CVE-2026-0989

CVSS scores:

* CVE-2026-0989 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-0989 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-0989 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2026-0989: Fixed call stack exhaustion leading to application crash due
to RelaxNG parser not limiting the recursion depth when resolving
`<include>` directives (bsc#1256805)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-334=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-334=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-334=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python3-libxml2-python-2.9.7-150000.3.91.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.91.1
* python-libxml2-python-debugsource-2.9.7-150000.3.91.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* libxml2-2-2.9.7-150000.3.91.1
* libxml2-debugsource-2.9.7-150000.3.91.1
* libxml2-tools-debuginfo-2.9.7-150000.3.91.1
* libxml2-2-debuginfo-2.9.7-150000.3.91.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.91.1
* python3-libxml2-python-2.9.7-150000.3.91.1
* libxml2-tools-2.9.7-150000.3.91.1
* python-libxml2-python-debugsource-2.9.7-150000.3.91.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* libxml2-2-2.9.7-150000.3.91.1
* libxml2-debugsource-2.9.7-150000.3.91.1
* libxml2-tools-debuginfo-2.9.7-150000.3.91.1
* libxml2-2-debuginfo-2.9.7-150000.3.91.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.91.1
* python3-libxml2-python-2.9.7-150000.3.91.1
* libxml2-tools-2.9.7-150000.3.91.1
* python-libxml2-python-debugsource-2.9.7-150000.3.91.1

## References:

* https://www.suse.com/security/cve/CVE-2026-0989.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256805



SUSE-SU-2026:0338-1: moderate: Security update for abseil-cpp


# Security update for abseil-cpp

Announcement ID: SUSE-SU-2026:0338-1
Release Date: 2026-01-29T10:35:51Z
Rating: moderate
References:

* bsc#1237543

Cross-References:

* CVE-2025-0838

CVSS scores:

* CVE-2025-0838 ( SUSE ): 5.9
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L
* CVE-2025-0838 ( SUSE ): 5.6 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-0838 ( NVD ): 5.9
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-0838 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for abseil-cpp fixes the following issues:

* CVE-2025-0838: Fixed heap buffer overflow in sized constructors, reserve(),
and rehash() methods of absl:{flat,node}hash{set,map} (bsc#1237543).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-338=1 openSUSE-SLE-15.6-2026-338=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-338=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* abseil-cpp-debugsource-20240116.3-150600.19.6.1
* libabsl2401_0_0-debuginfo-20240116.3-150600.19.6.1
* abseil-cpp-devel-20240116.3-150600.19.6.1
* libabsl2401_0_0-20240116.3-150600.19.6.1
* openSUSE Leap 15.6 (x86_64)
* libabsl2401_0_0-32bit-debuginfo-20240116.3-150600.19.6.1
* libabsl2401_0_0-32bit-20240116.3-150600.19.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libabsl2401_0_0-64bit-debuginfo-20240116.3-150600.19.6.1
* libabsl2401_0_0-64bit-20240116.3-150600.19.6.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* abseil-cpp-debugsource-20240116.3-150600.19.6.1
* libabsl2401_0_0-debuginfo-20240116.3-150600.19.6.1
* abseil-cpp-devel-20240116.3-150600.19.6.1
* libabsl2401_0_0-20240116.3-150600.19.6.1
* Basesystem Module 15-SP7 (x86_64)
* libabsl2401_0_0-32bit-debuginfo-20240116.3-150600.19.6.1
* libabsl2401_0_0-32bit-20240116.3-150600.19.6.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0838.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237543



SUSE-SU-2026:0332-1: moderate: Security update for openssl-1_0_0


# Security update for openssl-1_0_0

Announcement ID: SUSE-SU-2026:0332-1
Release Date: 2026-01-29T06:05:07Z
Rating: moderate
References:

* bsc#1256834
* bsc#1256837
* bsc#1256838
* bsc#1256840

Cross-References:

* CVE-2025-68160
* CVE-2025-69420
* CVE-2025-69421
* CVE-2026-22796

CVSS scores:

* CVE-2025-68160 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-69420 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-69421 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Legacy Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves four vulnerabilities can now be installed.

## Description:

This update for openssl-1_0_0 fixes the following issues:

* CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes
(bsc#1256834).
* CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response()
function (bsc#1256837).
* CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
function (bsc#1256838).
* CVE-2026-22796: ASN1_TYPE Type Confusion in the
PKCS7_digest_from_attributes() function (bsc#1256840).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-332=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-332=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-332=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-332=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-332=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-332=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-332=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-332=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-332=1

* Legacy Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-332=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libopenssl1_0_0-steam-1.0.2p-150000.3.102.1
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-cavs-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl1_0_0-steam-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-cavs-debuginfo-1.0.2p-150000.3.102.1
* openSUSE Leap 15.6 (x86_64)
* libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1
* libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1
* libopenssl1_0_0-32bit-debuginfo-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1
* libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-150000.3.102.1
* openSUSE Leap 15.6 (noarch)
* openssl-1_0_0-doc-1.0.2p-150000.3.102.1
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libopenssl10-1.0.2p-150000.3.102.1
* libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1
* libopenssl1_0_0-1.0.2p-150000.3.102.1
* libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1
* libopenssl1_0_0-debuginfo-1.0.2p-150000.3.102.1
* openssl-1_0_0-1.0.2p-150000.3.102.1
* openssl-1_0_0-debugsource-1.0.2p-150000.3.102.1
* openssl-1_0_0-debuginfo-1.0.2p-150000.3.102.1
* libopenssl10-debuginfo-1.0.2p-150000.3.102.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68160.html
* https://www.suse.com/security/cve/CVE-2025-69420.html
* https://www.suse.com/security/cve/CVE-2025-69421.html
* https://www.suse.com/security/cve/CVE-2026-22796.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256834
* https://bugzilla.suse.com/show_bug.cgi?id=1256837
* https://bugzilla.suse.com/show_bug.cgi?id=1256838
* https://bugzilla.suse.com/show_bug.cgi?id=1256840


Python, GIMP, Spice Client, and more updates for RHEL

TeX Live, Container, Kernel, WLC updates for Ubuntu

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...