Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

openSUSE Keybase-Client Important Patch for 19 Issues 2026-20902-1

opensuse
Calendar Grey June 5, 2026
Dist Opensuse Esm H88
Update for keybase-client on openSUSE addresses 19 vulnerabilities along with 7 critical bug fixes.
An update that solves 19 vulnerabilities and has 7 bug fixes can now be installed.

Description

This update for keybase-client fixes the following issues:

Changes in keybase-client:

- golang.org/x/crypto/ssh: Fixed multiple issues:

CVE-2026-39827, CVE-2026-39834, CVE-2026-39828, CVE-2026-39829, CVE-2026-39831,

CVE-2026-42508, CVE-2026-39833, CVE-2026-39830, CVE-2026-39832, CVE-2026-46597,

CVE-2026-46598, CVE-2026-46595, CVE-2026-39835 (boo#1266158)

- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels

allows for validation bypass and privilege escalation (boo#1266596).

- Update to version 6.6.2

* Improve git default branch handling

- CVE-2026-33809: golang.org/x/image/tiff: excessive resource consumption due to

large allocation attempt when decoding maliciously crafted TIFF file (bsc#1260696)

- Switch to go1.25 as required by update go image library.

- Update to version 6.6.0

* Various bug fixes and performance improvements

- CVE-2026-26958: filippo.io/edwards25519: failure to initialize receiver in MultiScalarMult

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory privilege escalation vulnerability important OpenSUSE keybase-client

Patch

Package List

- openSUSE Leap 16.0:

kbfs-6.6.2-bp160.1.1

kbfs-git-6.6.2-bp160.1.1

kbfs-tool-6.6.2-bp160.1.1

keybase-client-6.6.2-bp160.1.1

References

* bsc#1253563

* bsc#1253864

* bsc#1254023

* bsc#1258591

* bsc#1260696

* bsc#1266158

* bsc#1266596

References:

* https://www.suse.com/security/cve/CVE-2025-47913.html

* https://www.suse.com/security/cve/CVE-2025-47914.html

* https://www.suse.com/security/cve/CVE-2025-58181.html

* https://www.suse.com/security/cve/CVE-2026-26958.html

* https://www.suse.com/security/cve/CVE-2026-33809.html

* https://www.suse.com/security/cve/CVE-2026-39821.html

* https://www.suse.com/security/cve/CVE-2026-39827.html

* https://www.suse.com/security/cve/CVE-2026-39828.html

* https://www.suse.com/security/cve/CVE-2026-39829.html

* https://www.suse.com/security/cve/CVE-2026-39830.html

* https://www.suse.com/security/cve/CVE-2026-39831.html

* https://www.suse.com/security/cve/CVE-2026-39832.html

* https://www.suse.com/security/cve/CVE-2026-39833.html

* https://www.suse.com/security/cve/CVE-2026-39834.html

* https://www.suse.com/security/cve/CVE-2026-39835.html

* https://www.suse.com/security/cve/CVE-2026-42508.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20902-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory privilege escalation vulnerability important OpenSUSE keybase-client

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here