Not a critical security issue AFAICT, but still, thought I'd give any openSUSE users a heads-up in case they weren't aware of it. It's important to point out that they will need to re-generate all their passwords if they were supposed
to be using MD5 hashes.
SUSE Security Announcement
1) Problem Description and Brief Discussion
libxcrypt is used on openSUSE to calculate the hash value of
passwords. It can be configured to use DES, MD5 or blowfish. Due to
a bug in libxcrypt the DES algorithm was used if MD5 was configured
in /etc/default/passwd. The default algorithm used on openSUSE is
blowfish which worked as expected though.
2) Solution or Work-Around
There is no known workaround, please install the update packages.
3) Special Instructions and Notes
After applying the update you need to set the password again for all
accounts that are supposed to have an MD5 password hash.