Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

openSUSE Leap 15.4 SUSE-SU-2025:3942-1 qatengine qatlib Moderate Threat

opensuse
Calendar Grey November 5, 2025
Dist Opensuse Esm H88
An update to openSUSE fixes three moderate vulnerabilities in qatengine and qatlib software. Immediate action recommended.
An update that solves three vulnerabilities can now be installed.

Description

This update for qatengine, qatlib fixes the following issues:

Note that the 1.6.1 release included in 1.7.0 fixes the following

vulnerabilities:

* bsc#1233363 (CVE-2024-28885)

* bsc#1233365 (CVE-2024-31074)

* bsc#1233366 (CVE-2024-33617)

Update to 1.7.0:

* ipp-crypto name change to cryptography-primitives

* QAT_SW GCM memory leak fix in cleanup function

* Update limitation section in README for v1.7.0 release

* Fix build with OPENSSL_NO_ENGINE

* Fix for build issues with qatprovider in qatlib

* Bug fixes and README updates to v1.7.0

* Remove qat_contig_mem driver support

* Add support for building QAT Engine ENGINE and PROVIDER modules with QuicTLS

3.x libraries

* Fix for DSA issue with openssl3.2

* Fix missing lower bounds check on index i

* Enabled SW Fallback support for FBSD

* Fix for segfault issue when SHIM config section is unavailable

* Fix for Coverity & Resource leak

* Fix for RSA failure with SVM enabled in openssl-3.2

* SM3...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate threat mitigation OpenSUSE qatengine qatlib

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3942=1

* SUSE Manager Proxy 4.3 LTS

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3942=1

* SUSE Manager Retail Branch Server 4.3 LTS

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-

Server-4.3-LTS-2025-3942=1

* SUSE Manager Server 4.3 LTS

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3942=1

* openSUSE Leap 15.4

zypper in -t patch SUSE-2025-3942=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4

zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3942=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4

zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3942=1

* SUSE Linux Enterprise Server 15...

Read the Full Advisory

Package List

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)

* libqat4-24.09.0-150400.3.6.1

* qatzip-debugsource-1.1.0-150400.3.3.1

* libqatzip3-1.1.0-150400.3.3.1

* qatlib-debugsource-24.09.0-150400.3.6.1

* libqat4-debuginfo-24.09.0-150400.3.6.1

* qatzip-1.1.0-150400.3.3.1

* qatengine-debugsource-1.7.0-150400.3.6.1

* qatlib-24.09.0-150400.3.6.1

* libqatzip3-debuginfo-1.1.0-150400.3.3.1

* libusdm0-debuginfo-24.09.0-150400.3.6.1

* qatlib-debuginfo-24.09.0-150400.3.6.1

* qatzip-devel-1.1.0-150400.3.3.1

* qatengine-debuginfo-1.7.0-150400.3.6.1

* qatengine-1.7.0-150400.3.6.1

* qatlib-devel-24.09.0-150400.3.6.1

* libusdm0-24.09.0-150400.3.6.1

* qatzip-debuginfo-1.1.0-150400.3.3.1

* SUSE Manager Proxy 4.3 LTS (x86_64)

* libqat4-24.09.0-150400.3.6.1

* qatzip-debugsource-1.1.0-150400.3.3.1

* libqatzip3-1.1.0-150400.3.3.1

* qatlib-debugsource-24.09.0-150400.3.6.1

* libqat4-debuginfo-24.09.0-150400.3.6.1

* qatzip-1.1.0-150400.3.3.1

* qatengine-debugsource-1.7.0-150400.3.6.1

* qatlib-24.09.0-150400.3.6.1

*...

Read the Full Advisory

References

* bsc#1233363

* bsc#1233365

* bsc#1233366

## References:

* https://www.suse.com/security/cve/CVE-2024-28885.html

* https://www.suse.com/security/cve/CVE-2024-31074.html

* https://www.suse.com/security/cve/CVE-2024-33617.html

* https://bugzilla.suse.com/show_bug.cgi?id=1233363

* https://bugzilla.suse.com/show_bug.cgi?id=1233365

* https://bugzilla.suse.com/show_bug.cgi?id=1233366

Announcement ID: SUSE-SU-2025:3942-1
Release Date: 2025-11-05T08:16:03Z
Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS

Topics%20covered

Topics Covered

security advisory moderate threat mitigation OpenSUSE qatengine qatlib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here