SUSE-SU-2025:4291-1

UNKNOWN

Security update for libmicrohttpd

Published Nov 28, 2025

Modified 1 months ago

Fix available

Details

This update for libmicrohttpd fixes the following issues:

CVE-2025-59777: Fixed NULL pointer dereference via specially crafted packet sent by an attacker (bsc#1253177)
CVE-2025-62689: Fixed heap-based buffer overflow via specially crafted packet sent by an attacker (bsc#1253178)

Affected Packages

libmicrohttpd

SUSE Linux Enterprise Module for Basesystem 15 SP6SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Module for Desktop Applications 15 SP6SUSE Linux Enterprise Module for Desktop Applications 15 SP7openSUSE Leap 15.6

Fixed in:

0.9.77-150600.3.3.1

libmicrohttpd12

SUSE Linux Enterprise Module for Basesystem 15 SP6SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6

Fixed in:

0.9.77-150600.3.3.1

libmicrohttpd-devel

SUSE Linux Enterprise Module for Desktop Applications 15 SP6SUSE Linux Enterprise Module for Desktop Applications 15 SP7openSUSE Leap 15.6

Fixed in:

0.9.77-150600.3.3.1

Timeline

PublishedNov 28, 2025

ModifiedNov 28, 2025

SUSE-SU-2025:4291-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2025:4291-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline