Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Is automated patching safe for servers?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
202
security advisorymoderateOpenSSLopenSUSE 15.5 openssl-3 Moderate NULL Pointer Threat SUSE-SU-2026-1711-1
An update that solves one vulnerability can now be installed.. # Security update for openssl-3 Announcement ID: SUSE-SU-2026:1711-1 Release Date: 2026-05-06T12:04:48Z Rating: moderate References: * bsc#1261678 Cross-References: * CVE-2026-28390 CVSS scores: * CVE-2026-28390 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-28390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issue: * CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo (bsc#1261678). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1711=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1711=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1711=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1711=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -tpatch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1711=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-3.0.8-150500.5.63.1 * libopenssl3-debuginfo-3.0.8-150500.5.63.1 * libopenssl-3-devel-3.0.8-150500.5.63.1 * openssl-3-3.0.8-150500.5.63.1 * openssl-3-debugsource-3.0.8-150500.5.63.1 * openssl-3-debuginfo-3.0.8-150500.5.63.1 * openSUSE Leap 15.5 (x86_64) * libopenssl3-32bit-debuginfo-3.0.8-150500.5.63.1 * libopenssl3-32bit-3.0.8-150500.5.63.1 * libopenssl-3-devel-32bit-3.0.8-150500.5.63.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.63.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150500.5.63.1 * libopenssl-3-devel-64bit-3.0.8-150500.5.63.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.63.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libopenssl3-3.0.8-150500.5.63.1 * libopenssl3-debuginfo-3.0.8-150500.5.63.1 * libopenssl-3-devel-3.0.8-150500.5.63.1 * openssl-3-3.0.8-150500.5.63.1 * openssl-3-debugsource-3.0.8-150500.5.63.1 * openssl-3-debuginfo-3.0.8-150500.5.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libopenssl3-3.0.8-150500.5.63.1 * libopenssl3-debuginfo-3.0.8-150500.5.63.1 * libopenssl-3-devel-3.0.8-150500.5.63.1 * openssl-3-3.0.8-150500.5.63.1 * openssl-3-debugsource-3.0.8-150500.5.63.1 * openssl-3-debuginfo-3.0.8-150500.5.63.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libopenssl3-3.0.8-150500.5.63.1 * libopenssl3-debuginfo-3.0.8-150500.5.63.1 * libopenssl-3-devel-3.0.8-150500.5.63.1 * openssl-3-3.0.8-150500.5.63.1 * openssl-3-debugsource-3.0.8-150500.5.63.1 * openssl-3-debuginfo-3.0.8-150500.5.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libopenssl3-3.0.8-150500.5.63.1 * libopenssl3-debuginfo-3.0.8-150500.5.63.1 *libopenssl-3-devel-3.0.8-150500.5.63.1 * openssl-3-3.0.8-150500.5.63.1 * openssl-3-debugsource-3.0.8-150500.5.63.1 * openssl-3-debuginfo-3.0.8-150500.5.63.1 ## References: * https://www.suse.com/security/cve/CVE-2026-28390.html * https://bugzilla.suse.com/show_bug.cgi?id=1261678 . Critical patch for openSUSE's openssl-3 addresses a NULL pointer flaw to enhance security.. openSUSE security patch, openssl-3 update, NULL pointer fix, security advisory, SUSE Linux Enterprise. . LinuxSecurity.com Team
May 06, 2026 OpenSUSE 219
security advisorylowlibarchiveRocky Linux 8 RLSA-2023-3023 libarchive Minor Memory Patch Released
Low: libarchive security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:3018", "synopsis": "Low: libarchive security update", "severity": "SEVERITY_LOW", "topic": "An update is available for libarchive.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: NULL pointer dereference in archive_write.c (CVE-2022-36227)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2144972", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2144972", "description": ""}], "cves": [{"name": "CVE-2022-36227", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2022-36227", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-476"}], "references": [], "publishedAt": "2026-03-20T00:02:50.766829Z", "rpms": {"Rocky Linux 8": {"nvras": ["bsdtar-0:3.3.3-5.el8.aarch64.rpm", "bsdtar-0:3.3.3-5.el8.x86_64.rpm", "bsdtar-debuginfo-0:3.3.3-5.el8.aarch64.rpm", "bsdtar-debuginfo-0:3.3.3-5.el8.x86_64.rpm", "libarchive-0:3.3.3-5.el8.aarch64.rpm", "libarchive-0:3.3.3-5.el8.i686.rpm", "libarchive-0:3.3.3-5.el8.x86_64.rpm","libarchive-debuginfo-0:3.3.3-5.el8.aarch64.rpm", "libarchive-debuginfo-0:3.3.3-5.el8.i686.rpm", "libarchive-debuginfo-0:3.3.3-5.el8.x86_64.rpm", "libarchive-debugsource-0:3.3.3-5.el8.aarch64.rpm", "libarchive-debugsource-0:3.3.3-5.el8.i686.rpm", "libarchive-debugsource-0:3.3.3-5.el8.x86_64.rpm", "libarchive-devel-0:3.3.3-5.el8.aarch64.rpm", "libarchive-devel-0:3.3.3-5.el8.i686.rpm", "libarchive-devel-0:3.3.3-5.el8.x86_64.rpm", "libarchive-0:3.3.3-5.el8.src.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Discover security update for libarchive on Rocky Linux 8 addressing low severity issues with NULL pointer dereference.. libarchive security update, Rocky Linux vulnerabilities, NULL pointer dereference. . Severity: Low. LinuxSecurity.com Team
Mar 20, 2026 •Low Rocky Linux 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Is automated patching safe for servers?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!