This update for ovmf fixes the following issue:

- CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting (bsc#1252441).