
openSUSE mbedtls-2 Moderate TLS Update Security Advisory 2026-21145-1

opensuse
June 30, 2026
The update for mbedtls-2 addresses critical issues with TLS clients and strengthens security against impersonation risks.
An update that solves 3 vulnerabilities and has 3 bug fixes can now be installed.

Description

This update for mbedtls-2 fixes the following issues:

Changes in mbedtls-2:

- Enable SRTP and DTLS protocols needed by some software.

- Update to version 2.28.10:

Default behavior changes

* In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
  mbedtls_ssl_handshake() now fails with
  MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
  if certificate-based authentication of the server is attempted.
  This is because authenticating a server without knowing what name
  to expect is usually insecure. To restore the old behavior, either
  call mbedtls_ssl_set_hostname() with NULL as the hostname, or
  enable the new compile-time option
  MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
  The content of ssl->hostname after mbedtls_ssl_set_hostname(ssl, NULL)
  has changed, see the documentation of the hostname field in the
  mbedtls_ssl_context struct type for details.
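
An added example (not part of the advisory or of Mbed TLS) for auditing client code before installing this update: a Python scan over C source text that flags client handshakes with no mbedtls_ssl_set_hostname() call, which start failing with the new error, and the two opt-outs the changelog names. The function name `audit`, the finding labels and the sample sources are constructed for illustration.

```python
import re

# Naive C comment stripper: does not understand comment markers inside strings.
_COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*', re.S)
_HANDSHAKE = re.compile(r'\bmbedtls_ssl_handshake\s*\(')
_CLIENT = re.compile(r'\bMBEDTLS_SSL_IS_CLIENT\b')
_SET_HOSTNAME = re.compile(r'\bmbedtls_ssl_set_hostname\s*\(')
_SET_NULL = re.compile(r'\bmbedtls_ssl_set_hostname\s*\([^,;]+,\s*NULL\s*\)')
_WEAK_OPT = re.compile(
    r'^[ \t]*#[ \t]*define[ \t]+'
    r'MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME\b',
    re.M)

def audit(source):
    """Return review findings (hypothetical labels) for one C file's text."""
    code = _COMMENTS.sub(' ', source)
    findings = []
    if _WEAK_OPT.search(code):
        findings.append('weak-option-enabled')    # compile-time opt-out
    if _SET_NULL.search(code):
        findings.append('hostname-set-to-null')   # run-time opt-out
    is_client = _CLIENT.search(code) and _HANDSHAKE.search(code)
    if is_client and not _SET_HOSTNAME.search(code):
        # Fails after the update if the server certificate is verified.
        findings.append('handshake-without-hostname')
    return findings

# Constructed sample sources, not taken from any real project.
_DEFAULTS = ('mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,\n'
             '    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);\n')
SAMPLES = {
    'ok.c': _DEFAULTS +
        'mbedtls_ssl_set_hostname(&ssl, "updates.example.org");\n'
        'while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { }\n',
    'missing.c': _DEFAULTS +
        '// mbedtls_ssl_set_hostname(&ssl, host);\n'
        'ret = mbedtls_ssl_handshake(&ssl);\n',
    'optout.c':
        '#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME\n'
        + _DEFAULTS +
        'mbedtls_ssl_set_hostname(&ssl, NULL);\n'
        'ret = mbedtls_ssl_handshake(&ssl);\n',
}

if __name__ == '__main__':
    for name, text in SAMPLES.items():
        print(name, audit(text) or 'ok')
```

The scan works per file and does not follow calls across translation units, so a finding is a prompt for review, not proof that the handshake will fail.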

Security

* Note that TLS clients should...


Patch

Package List

- openSUSE Leap 16.0:
  libmbedcrypto7-2.28.10-bp160.1.1
  libmbedcrypto7-x86-64-v3-2.28.10-bp160.1.1
  libmbedtls14-2.28.10-bp160.1.1
  libmbedtls14-x86-64-v3-2.28.10-bp160.1.1
  libmbedx509-1-2.28.10-bp160.1.1
  libmbedx509-1-x86-64-v3-2.28.10-bp160.1.1
  mbedtls-2-devel-2.28.10-bp160.1.1

References

* bsc#1230310
* bsc#1240051
* bsc#1240052

References:

* https://www.suse.com/security/cve/CVE-2024-45157.html
* https://www.suse.com/security/cve/CVE-2025-27809.html
* https://www.suse.com/security/cve/CVE-2025-27810.html

Severity
moderate

Announcement ID: openSUSE-SU-2026:21145-1
Rating: moderate
Affected Products: openSUSE Leap 16.0
