Explore top 10 tips to secure your open-source projects now. Read More
×
This update for krb5 fixes the following issue
- CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of-bounds read (bsc#1268131).
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-1159=1
- openSUSE Leap 16.0:
krb5-1.21.3-160000.4.1
krb5-client-1.21.3-160000.4.1
krb5-devel-1.21.3-160000.4.1
krb5-plugin-kdb-ldap-1.21.3-160000.4.1
krb5-plugin-preauth-otp-1.21.3-160000.4.1
krb5-plugin-preauth-pkinit-1.21.3-160000.4.1
krb5-plugin-preauth-spake-1.21.3-160000.4.1
krb5-server-1.21.3-160000.4.1
* bsc#1268131
References:
* https://www.suse.com/security/cve/CVE-2026-11850.html
Get the latest Linux and open source security news straight to your inbox.