keylime-config-7.14.0+0-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:10165-1 Final 1 1 2026-02-10T00:00:00Z current 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z keylime-config-7.14.0+0-1.1 on GA media These are all security issues fixed in the keylime-config-7.14.0+0-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2026-10165 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2026-1709/ SUSE CVE CVE-2026-1709 page openSUSE Tumbleweed keylime-config-7.14.0+0-1.1 keylime-firewalld-7.14.0+0-1.1 keylime-logrotate-7.14.0+0-1.1 keylime-registrar-7.14.0+0-1.1 keylime-tenant-7.14.0+0-1.1 keylime-tpm_cert_store-7.14.0+0-1.1 keylime-verifier-7.14.0+0-1.1 python311-keylime-7.14.0+0-1.1 python312-keylime-7.14.0+0-1.1 python313-keylime-7.14.0+0-1.1 keylime-config-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-firewalld-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-logrotate-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-registrar-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-tenant-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-tpm_cert_store-7.14.0+0-1.1 as a component of openSUSE Tumbleweed keylime-verifier-7.14.0+0-1.1 as a component of openSUSE Tumbleweed python311-keylime-7.14.0+0-1.1 as a component of openSUSE Tumbleweed python312-keylime-7.14.0+0-1.1 as a component of openSUSE Tumbleweed python313-keylime-7.14.0+0-1.1 as a component of openSUSE Tumbleweed A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. CVE-2026-1709 openSUSE Tumbleweed:keylime-config-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-firewalld-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-logrotate-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-registrar-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-tenant-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-tpm_cert_store-7.14.0+0-1.1 openSUSE Tumbleweed:keylime-verifier-7.14.0+0-1.1 openSUSE Tumbleweed:python311-keylime-7.14.0+0-1.1 openSUSE Tumbleweed:python312-keylime-7.14.0+0-1.1 openSUSE Tumbleweed:python313-keylime-7.14.0+0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-1709.html CVE-2026-1709 https://bugzilla.suse.com/1257895 SUSE Bug 1257895