Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 536
Alerts This Week
Warning Icon 1 536

openSUSE Leap 16.0 libsodium Moderate Update CVE-2025-15444

opensuse
Calendar Grey April 30, 2026
Scroller Opensuse
Update for openSUSE fixes moderate issues in libsodium with cryptographic security improvements and bug fixes.
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.

Description

This update for libsodium fixes the following issues:

Security fixes:

- CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation (bsc#1256070).

- CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to

crypto_core_ed25519_is_valid_point function (bsc#1255764).

Other fixes:

- Update to 1.0.21

* The new crypto_ipcrypt_* functions implement mechanisms for securely

encrypting and anonymizing IP addresses.

* The sodium_bin2ip and sodium_ip2bin helper functions have been added to

complement the crypto_ipcrypt_* functions and easily convert addresses

between bytes and strings.

* XOF: the crypto_xof_shake* and crypto_xof_turboshake* functions are

* standard

extendable output functions. From input of any length, they can derive

output of any length with the same properties as hash functions. These

primitives are required by many post-quantum mechanisms, but can also be

used for a wide range of...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

libsodium-devel-1.0.21-160000.1.1

libsodium26-1.0.21-160000.1.1

References

* bsc#1255764

* bsc#1256070

References:

* https://www.suse.com/security/cve/CVE-2025-15444.html

* https://www.suse.com/security/cve/CVE-2025-69277.html

Announcement ID: openSUSE-SU-2026:20642-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.