SUSE-FU-2026:21232-1: moderate: Feature update for libgcrypt, libgpg-error

SLE-UPDATES null at suse.de
Wed Apr 22 12:32:28 UTC 2026 


# Feature update for libgcrypt, libgpg-error

Announcement ID: SUSE-FU-2026:21232-1  
Release Date: 2026-04-17T10:48:45Z  
Rating: moderate  
References:

  * jsc#PED-15059
  * jsc#PED-15907

  
Cross-References:

  * CVE-2024-2236

  
CVSS scores:

  * CVE-2024-2236 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-2236 ( NVD ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Linux Micro 6.2

  
  
An update that solves one vulnerability and contains two features can now be
installed.

## Description:

This update for libgcrypt, libgpg-error fixes the following issues:

Update libgcrypt to 1.12.1 (jsc#PED-15059):

  * New and extended interfaces:
  * Allow access to the FIPS service indicator via the new
    GCRYCTL_FIPS_SERVICE_INDICATOR control code.
  * Make SHA-1 non-FIPS internally for the 1.12 API
  * Add Dilithium (ML-DSA) support
  * Support optional random-override and support byte string data

  * Bug fixes:

  * Use secure MPI in _gcry_mpi_assign_limb_space.
  * Use CSIDL_COMMON_APPDATA instead of /etc on Windows.
  * Apply a Kyber patch from upstream.
  * Fix an edge case in Jent initialization.
  * mceliece6688128f: Fix stack overflow crash on win64/wine
  * Performance:
  * Many performance improvements, new AVX512 implementations for modern CPUs.
  * Add RISC-V Zbb+Zbc implementation of CRC.
  * Add RISC-V vector cryptography implementation of GHASH, AES, SHA256 and
    SHA512
  * Add AVX2 and AVX512 code paths to improve CRC.

For a full changelog, see:
https://dev.gnupg.org/source/libgcrypt/history/master/;libgcrypt-1.12.0

Update libgpg-error to 1.58:

  * New src/gpg-error.c (main): New command "fconcat".
  * Rename src/spawn-posix.c (struct gpgrt_spawn_actions): Rename the field to
    ENVP.
  * argparse: Use SYSCONFDIR for /etc.
  * Update translations for Portugese, German
  * src/estream.c (parse_mode): Fix parsing of "share". Set sysopen flag.
  * syscfg: Add 64-bit Android arch.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.2  
    zypper in -t patch SUSE-SL-Micro-6.2-585=1

## Package List:

  * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
    * libgpg-error0-debuginfo-1.58-160000.1.1
    * libgcrypt20-1.12.1-160000.1.1
    * libgcrypt-debugsource-1.12.1-160000.1.1
    * libgcrypt20-debuginfo-1.12.1-160000.1.1
    * libgpg-error-debugsource-1.58-160000.1.1
    * libgpg-error0-1.58-160000.1.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-2236.html
  * https://jira.suse.com/browse/PED-15059
  * https://jira.suse.com/browse/PED-15907

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260422/8826262b/attachment.htm>

More information about the sle-updates mailing list