Oval Definition:oval:org.opensuse.security:def:125059
Revision Date:2020-01-14Version:1
Title:Security update for openssl-1_1 (Moderate)
Description:

This update for openssl-1_1 fixes the following issues:

Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key (bsc#1150250). - CVE-2019-1551: Fixed integer overflow in RSAZ modular exponentiation on x86_64 (bsc#1158809). - CVE-2019-1549: Fixed fork problem with random generator (bsc#1150247). - CVE-2019-1547: Fixed EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).

Bug fixes:

- Ship the openssl 1.1.1 binary as openssl-1_1, and make it installable in parallel with the system openssl (bsc#1140277). - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430).
Family:unixClass:patch
Status:Reference(s):1133925
1140277
1150003
1150247
1150250
1158809
CVE-2019-1547
CVE-2019-1549
CVE-2019-1551
CVE-2019-1563
SUSE-SU-2020:0099-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libopenssl1_1-1.1.1d-2.20.1 is installed
  • OR libopenssl1_1-32bit-1.1.1d-2.20.1 is installed
  • OR openssl-1_1-1.1.1d-2.20.1 is installed
    • BACK