SUSE-SU-2026:1256-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientIn...

OpenSSL 1.1.1 < 1.1.1zg Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zg. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zg advisory. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon...

Design/Logic Flaw

A vulnerability in the DNS-based Authentication of Named Entities DANE email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability...