Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE: 2025:0152-1 moderate update for kanidm openssl security fix

opensuse
Calendar Grey May 12, 2025
Dist Opensuse Esm H88
A recent openSUSE patch resolves a notable security flaw in kanidm concerning openssl vulnerabilities.
An update that fixes one vulnerability is now available

Description

This update for kanidm fixes the following issues:

- Update to version 1.6.2~git0.a20663ea8:

* Release 1.6.2

* fix: clippy

* maint: typo in log message

* Set kid manually to prevent divergence

* Order keys in application JWKS / Fix rotation bug

* Fix toml issues with strings

- Update to version 1.6.1~git0.2e4429eca:

* Release 1.6.1

* Resolve reload of oauth2 on startup (#3604)

- CVE-2025-3416: Fixed openssl use after free (boo#1242642)

- Update to version 1.6.0~git0.d7ae0f336:

* Release 1.6.0

* Avoid openssl for md4

* Fixes #3586, inverts the navbar button color (#3593)

* Release 1.6.0-pre

* chore: Release Notes (#3588)

* Do not require instances to exist during optional config load (#3591)

* Fix std::fmt::Display for some objects (#3587)

* Drop fernet in favour of JWE (#3577)

* docs: document how to configure oauth2 for opkssh (#3566)

* Add kanidm_ssh_authorizedkeys_direct to...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate threat mitigation openssl openSUSE kanidm

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-152=1

Package List

- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

kanidm-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-clients-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-clients-debuginfo-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-debuginfo-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-debugsource-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-docs-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-server-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-server-debuginfo-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-unixd-clients-1.6.2~git0.a20663ea8-bp156.29.1

kanidm-unixd-clients-debuginfo-1.6.2~git0.a20663ea8-bp156.29.1

References

https://www.suse.com/security/cve/CVE-2025-3416.html

https://bugzilla.suse.com/1242642

Announcement ID: openSUSE-SU-2025:0152-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP6 .

Topics%20covered

Topics Covered

security advisory moderate threat mitigation openssl openSUSE kanidm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here