Security update for openssl-1_0_0 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0332-1 Final 1 1 2026-01-29T06:04:36Z current 2026-01-29T06:04:36Z 2026-01-29T06:04:36Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openssl-1_0_0 This update for openssl-1_0_0 fixes the following issues: - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). - CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). - CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). - CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-332,SUSE-SLE-Module-Legacy-15-SP7-2026-332,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-332,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-332,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-332,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-332,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-332,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-332,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-332,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-332,openSUSE-SLE-15.6-2026-332 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260332-1/ Link for SUSE-SU-2026:0332-1 https://lists.suse.com/pipermail/sle-security-updates/2026-January/023983.html E-Mail link for SUSE-SU-2026:0332-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1256834 SUSE Bug 1256834 https://bugzilla.suse.com/1256837 SUSE Bug 1256837 https://bugzilla.suse.com/1256838 SUSE Bug 1256838 https://bugzilla.suse.com/1256840 SUSE Bug 1256840 https://www.suse.com/security/cve/CVE-2025-68160/ SUSE CVE CVE-2025-68160 page https://www.suse.com/security/cve/CVE-2025-69420/ SUSE CVE CVE-2025-69420 page https://www.suse.com/security/cve/CVE-2025-69421/ SUSE CVE CVE-2025-69421 page https://www.suse.com/security/cve/CVE-2026-22796/ SUSE CVE CVE-2026-22796 page SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Module for Legacy 15 SP7 SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server 15 SP6-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP6 openSUSE Leap 15.6 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 libopenssl-1_0_0-devel-64bit-1.0.2p-150000.3.102.1 libopenssl10-1.0.2p-150000.3.102.1 libopenssl1_0_0-1.0.2p-150000.3.102.1 libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 libopenssl1_0_0-64bit-1.0.2p-150000.3.102.1 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 libopenssl1_0_0-hmac-64bit-1.0.2p-150000.3.102.1 libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 libopenssl1_0_0-steam-64bit-1.0.2p-150000.3.102.1 openssl-1_0_0-1.0.2p-150000.3.102.1 openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 openssl-1_0_0-doc-1.0.2p-150000.3.102.1 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP7 libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP7 libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP7 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP7 openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP7 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 libopenssl10-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl10-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 openssl-1_0_0-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 openssl-1_0_0-doc-1.0.2p-150000.3.102.1 as a component of openSUSE Leap 15.6 Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. CVE-2025-68160 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260332-1/ https://www.suse.com/security/cve/CVE-2025-68160.html CVE-2025-68160 https://bugzilla.suse.com/1256834 SUSE Bug 1256834 Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue. CVE-2025-69420 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260332-1/ https://www.suse.com/security/cve/CVE-2025-69420.html CVE-2025-69420 https://bugzilla.suse.com/1256837 SUSE Bug 1256837 Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. CVE-2025-69421 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260332-1/ https://www.suse.com/security/cve/CVE-2025-69421.html CVE-2025-69421 https://bugzilla.suse.com/1256838 SUSE Bug 1256838 Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. CVE-2026-22796 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl10-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.102.1 openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260332-1/ https://www.suse.com/security/cve/CVE-2026-22796.html CVE-2026-22796 https://bugzilla.suse.com/1256840 SUSE Bug 1256840