Explore top 10 tips to secure your open-source projects now. Read More
×
This update for opam fixes the following issues:
Update to version 2.5.2:
- CVE-2026-57825: Fixed a bug that allowed a package to install files
anywhere
on the system using a symlink to an external directory without warning
the user and asking for their permission.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2026-250=1
- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64):
opam-2.5.2-bp157.2.6.1
opam-devel-2.5.2-bp157.2.6.1
opam-installer-2.5.2-bp157.2.6.1
https://www.suse.com/security/cve/CVE-2026-57825.html
Get the latest Linux and open source security news straight to your inbox.