Описание
Security update for s390-tools
This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key.
Security issues fixed:
- CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. (bsc#1242622)
Other issues:
- Added the new IBM z17 (9175) processor type
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
libekmfweb1-2.31.0-150600.8.16.1
libekmfweb1-devel-2.31.0-150600.8.16.1
libkmipclient1-2.31.0-150600.8.16.1
osasnmpd-2.31.0-150600.8.16.1
s390-tools-2.31.0-150600.8.16.1
s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.16.1
s390-tools-genprotimg-data-2.31.0-150600.8.16.1
s390-tools-hmcdrvfs-2.31.0-150600.8.16.1
s390-tools-zdsfs-2.31.0-150600.8.16.1
openSUSE Leap 15.6
libekmfweb1-2.31.0-150600.8.16.1
libekmfweb1-devel-2.31.0-150600.8.16.1
libkmipclient1-2.31.0-150600.8.16.1
libkmipclient1-devel-2.31.0-150600.8.16.1
osasnmpd-2.31.0-150600.8.16.1
s390-tools-2.31.0-150600.8.16.1
s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.16.1
s390-tools-genprotimg-data-2.31.0-150600.8.16.1
s390-tools-hmcdrvfs-2.31.0-150600.8.16.1
s390-tools-zdsfs-2.31.0-150600.8.16.1
Ссылки
- Link for SUSE-SU-2025:01619-1
- E-Mail link for SUSE-SU-2025:01619-1
- SUSE Security Ratings
- SUSE Bug 1242622
- SUSE CVE CVE-2025-3416 page
Описание
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libekmfweb1-2.31.0-150600.8.16.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libekmfweb1-devel-2.31.0-150600.8.16.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libkmipclient1-2.31.0-150600.8.16.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:osasnmpd-2.31.0-150600.8.16.1
Ссылки
- CVE-2025-3416
- SUSE Bug 1242599