openSUSE Tumbleweed Security Advisories Address Multiple CVEs

On June 23, 2026, openSUSE Tumbleweed released multiple advisories addressing security vulnerabilities in various packages. The advisories include CVE-2026-11078, CVE-2026-11079, and CVE-2026-11080, which affect the ghc-crypton-asn1-encoding, ghc-crypton-asn1-parse, and ghc-crypton-asn1-types packages, respectively. These vulnerabilities were classified as moderate threats and have been patched in the latest updates. Additionally, CVE-2026-11077 was issued for the ghc-aws package. Users of openSUSE Tumbleweed are advised to update their systems to mitigate potential risks associated with these vulnerabilities. Each package affected includes development, documentation, and profiling components that could be exploited if not updated.

Key Points: • Four security advisories released for openSUSE Tumbleweed on June 23, 2026. • Moderate threat level assigned to vulnerabilities in multiple GHC Crypton packages. • Users are urged to update affected packages to mitigate security risks.