suse-sles-12-sp5-v20251023-x86_64 Package Source Changes

_product:sle-sdk-release

n/a

krb5

- Remove des3-cbc-sha1 and arcfour-hmac-md5 from permitted
  enctypes unless new special options "allow_des3" or "allow_rc4"
  are set; (CVE-2025-3576); (bsc#1241219).
- Add patch 0018-prep-CVE-2025-3576.patch
- Add patch 0019-CVE-2025-3576.patch

samba

- CVE-2025-9640: fix vfs_streams_xattr uninitialized memory write;
  (bsc#1251279);(bso#15885).
- CVE-2025-10230: fix command Injection in WINS Server Hook Script;
  (bsc#1251280);(bso#15903).

openssl-1_1

- Security fix: [bsc#1250232 CVE-2025-9230]
  * Fix out-of-bounds read & write in RFC 3211 KEK unwrap
  * Add patch openssl3-CVE-2025-9230.patch

expat

- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
  * CVE-2025-59375.patch

openssl-1_0_0

- Security fix: [bsc#1250232 CVE-2025-9230]
  * Fix out-of-bounds read & write in RFC 3211 KEK unwrap
  * Add patch openssl3-CVE-2025-9230.patch