SUSE Package Hub - SUSE-PackageHub-16.0-packagehub-32

Update Info

SUSE-PackageHub-16.0-packagehub-32

Security update for rnp

Type: security

Severity: moderate

Issued: 2025-11-27

Description:

This update for rnp fixes the following issues:

- update to 0.18.1:
  * CVE-2025-13470: PKESK (public-key encrypted) session keys were
    generated as all-zero, allowing trivial decryption of messages
    encrypted with public keys only (boo#1253957, CVE-2025-13402)

References

CVE: CVE-2025-13470
CVE: CVE-2025-13402
Bugzilla: 1253957 VUL-0: CVE-2025-13470,CVE-2025-13402: rnp: rnp PKESK session keys generated as all‑zero

Packages

rnp-0.18.1-bp160.1.1