Oval Definition:	oval:org.opensuse.security:def:50312
Revision Date: 2020-12-01 Version: 1 Title: Security update for openssl-1_1 (Moderate) Description: This update for openssl-1_1 to 1.1.0i fixes the following issues: These security issues were fixed: - CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) - Make problematic ECDSA sign addition length-invariant - Add blinding to ECDSA and DSA signatures to protect against side channel attacks These non-security issues were fixed: - When unlocking a pass phrase protected PEM file or PKCS#8 container, we now allow empty (zero character) pass phrases. - Certificate time validation (X509_cmp_time) enforces stricter compliance with RFC 5280. Fractional seconds and timezone offsets are no longer allowed. - Fixed a text canonicalisation bug in CMS - Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470) Family: unix Class: patch Status: Reference(s): 1058115 1065729 1071995 1073313 1085030 1097158 1101470 1111388 1114845 1123043 1128525 1128858 1129271 1129392 1130103 1132160 1132690 1133191 1133528 1134190 1134428 1135170 1135222 1136020 1136081 1136446 1136935 1137597 1137832 1138316 1140492 1143194 1143273 1146608 1148868 1152472 1152489 1153165 1153274 1154217 1154353 1154492 1155518 1155798 1156395 1157169 1158050 1158242 1158265 1158748 1158765 1158983 1159781 1159867 1160947 1161495 1162002 1162063 1162400 1162702 1162936 1162937 1163178 1164648 1164777 1164780 1165211 1165933 1165975 1166985 1167104 1167651 1167773 1168230 1168779 1168838 1168959 1169021 1169094 1169194 1169514 1169679 1169681 1169748 1169771 1169978 1170011 1170284 1170442 1170617 1170774 1170879 1170891 1170895 1171150 1171189 1171191 1171219 1171220 1171246 1171417 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1171513 1171529 1171530 1171662 1171688 1171699 1171732 1171739 1171743 1171759 1171828 1171857 1171868 1171904 1171915 1171982 1171983 1171988 1172017 1172046 1172061 1172062 1172063 1172064 1172065 1172066 1172067 1172068 1172069 1172073 1172086 1172095 1172169 1172170 1172201 1172208 1172223 1172342 1172343 1172344 1172365 1172366 1172374 1172391 1172393 1172394 1172453 1172458 1172467 1172484 1172537 1172543 1172687 1172719 1172739 1172751 1172759 1172775 1172781 1172782 1172783 1172814 1172823 1172841 1172871 1172938 1172939 1172940 1172956 1172983 1172984 1172985 1172986 1172987 1172988 1172989 1172990 1172999 1173060 1173068 1173074 1173085 1173139 1173206 1173247 1173258 1173271 1173280 1173284 1173428 1173438 1173461 1173514 1173552 1173573 1173605 1173625 1173746 1173776 1173817 1173818 1173820 1173822 1173823 1173824 1173825 1173826 1173827 1173828 1173830 1173831 1173832 1173833 1173834 1173836 1173837 1173838 1173839 1173841 1173843 1173844 1173845 1173847 1173849 1173860 1173894 1173941 1174018 1174072 1174116 1174126 1174127 1174128 1174129 1174185 1174200 1174244 1174263 1174264 1174331 1174332 1174333 1174345 1174356 1174396 1174398 1174407 1174409 1174411 1174438 1174462 1174513 1174527 1174543 1174627 1175992 1176072 1176382 962849 CVE-2017-17740 CVE-2018-0732 CVE-2019-11068 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-12749 CVE-2019-13057 CVE-2019-13565 CVE-2019-14853 CVE-2019-14859 CVE-2019-14973 CVE-2019-19462 CVE-2019-20810 CVE-2019-20812 CVE-2019-3846 CVE-2019-3859 CVE-2019-5419 CVE-2019-5436 CVE-2019-6706 CVE-2019-8936 CVE-2020-0305 CVE-2020-10135 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-10781 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-12656 CVE-2020-12769 CVE-2020-12771 CVE-2020-12888 CVE-2020-13143 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-13974 CVE-2020-14386 CVE-2020-14416 CVE-2020-15393 CVE-2020-15780 CVE-2020-24394 CVE-2020-25212 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-8631 CVE-2020-8632 CVE-2020-8903 CVE-2020-8907 CVE-2020-8933 SUSE-SU-2018:2956-1 SUSE-SU-2019:0247-1 SUSE-SU-2019:0777-1 SUSE-SU-2019:1059-1 SUSE-SU-2019:1357-2 SUSE-SU-2019:1597-1 SUSE-SU-2019:1973-1 SUSE-SU-2019:2395-1 SUSE-SU-2019:2891-1 SUSE-SU-2020:0751-1 SUSE-SU-2020:1934-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SP2 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information freetype2-2.3.7-25.32 is installed OR freetype2-32bit-2.3.7-25.32 is installed OR freetype2-devel-2.3.7-25.32 is installed OR ft2demos-2.3.7-25.32 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND libaugeas0-0.9.0-3.15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR bash-lang-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND dracut-044-87 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ghostscript-9.15-22 is installed OR ghostscript-x11-9.15-22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dia-0.97.3-15 is installed OR dia-lang-0.97.3-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libopenssl-1_1-devel-1.1.0i-4.9 is installed OR libopenssl-devel-1.1.0i-3.3 is installed OR libopenssl1_1-1.1.0i-4.9 is installed OR libopenssl1_1-32bit-1.1.0i-4.9 is installed OR libopenssl1_1-hmac-1.1.0i-4.9 is installed OR libopenssl1_1-hmac-32bit-1.1.0i-4.9 is installed OR openssl-1.1.0i-3.3 is installed OR openssl-1_1-1.1.0i-4.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_14-default-2-2 is installed OR kernel-livepatch-SLE15_Update_9-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.9 is installed OR kernel-default-livepatch-5.3.18-24.9 is installed OR kernel-default-livepatch-devel-5.3.18-24.9 is installed OR kernel-livepatch-5_3_18-24_9-default-1-5.3 is installed OR kernel-livepatch-SLE15-SP2_Update_1-1-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information dbus-1-1.12.2-3.8 is installed OR dbus-1-devel-doc-1.12.2-3.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information curl-7.60.0-3.20 is installed OR curl-mini-7.60.0-3.20 is installed OR libcurl-devel-32bit-7.60.0-3.20 is installed OR libcurl-mini-devel-7.60.0-3.20 is installed OR libcurl4-mini-7.60.0-3.20 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information freerdp-2.1.2-15.7 is installed OR freerdp-server-2.1.2-15.7 is installed OR freerdp-wayland-2.1.2-15.7 is installed OR libuwac0-0-2.1.2-15.7 is installed OR uwac0-0-devel-2.1.2-15.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-pubcloud-2.3.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed AND Package Information google-compute-engine-20190801-4.38 is installed OR google-compute-engine-init-20190801-4.38 is installed OR google-compute-engine-oslogin-20190801-4.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information libsamba-policy0-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-ad-dc-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-dsdb-modules-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-libs-python-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-python-4.9.5+git.210.ab0549acb05-3.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information graphviz-addons-2.40.1-6.3 is installed OR graphviz-tcl-2.40.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information tomcat-9.0.20-3.24 is installed OR tomcat-admin-webapps-9.0.20-3.24 is installed OR tomcat-el-3_0-api-9.0.20-3.24 is installed OR tomcat-jsp-2_3-api-9.0.20-3.24 is installed OR tomcat-lib-9.0.20-3.24 is installed OR tomcat-servlet-4_0-api-9.0.20-3.24 is installed OR tomcat-webapps-9.0.20-3.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information apache2-mod_php7-7.2.5-4.49 is installed OR php7-7.2.5-4.49 is installed OR php7-bcmath-7.2.5-4.49 is installed OR php7-bz2-7.2.5-4.49 is installed OR php7-calendar-7.2.5-4.49 is installed OR php7-ctype-7.2.5-4.49 is installed OR php7-curl-7.2.5-4.49 is installed OR php7-dba-7.2.5-4.49 is installed OR php7-devel-7.2.5-4.49 is installed OR php7-dom-7.2.5-4.49 is installed OR php7-enchant-7.2.5-4.49 is installed OR php7-exif-7.2.5-4.49 is installed OR php7-fastcgi-7.2.5-4.49 is installed OR php7-fileinfo-7.2.5-4.49 is installed OR php7-fpm-7.2.5-4.49 is installed OR php7-ftp-7.2.5-4.49 is installed OR php7-gd-7.2.5-4.49 is installed OR php7-gettext-7.2.5-4.49 is installed OR php7-gmp-7.2.5-4.49 is installed OR php7-iconv-7.2.5-4.49 is installed OR php7-intl-7.2.5-4.49 is installed OR php7-json-7.2.5-4.49 is installed OR php7-ldap-7.2.5-4.49 is installed OR php7-mbstring-7.2.5-4.49 is installed OR php7-mysql-7.2.5-4.49 is installed OR php7-odbc-7.2.5-4.49 is installed OR php7-opcache-7.2.5-4.49 is installed OR php7-openssl-7.2.5-4.49 is installed OR php7-pcntl-7.2.5-4.49 is installed OR php7-pdo-7.2.5-4.49 is installed OR php7-pear-7.2.5-4.49 is installed OR php7-pear-Archive_Tar-7.2.5-4.49 is installed OR php7-pgsql-7.2.5-4.49 is installed OR php7-phar-7.2.5-4.49 is installed OR php7-posix-7.2.5-4.49 is installed OR php7-shmop-7.2.5-4.49 is installed OR php7-snmp-7.2.5-4.49 is installed OR php7-soap-7.2.5-4.49 is installed OR php7-sockets-7.2.5-4.49 is installed OR php7-sodium-7.2.5-4.49 is installed OR php7-sqlite-7.2.5-4.49 is installed OR php7-sysvmsg-7.2.5-4.49 is installed OR php7-sysvsem-7.2.5-4.49 is installed OR php7-sysvshm-7.2.5-4.49 is installed OR php7-tokenizer-7.2.5-4.49 is installed OR php7-wddx-7.2.5-4.49 is installed OR php7-xmlreader-7.2.5-4.49 is installed OR php7-xmlrpc-7.2.5-4.49 is installed OR php7-xmlwriter-7.2.5-4.49 is installed OR php7-xsl-7.2.5-4.49 is installed OR php7-zip-7.2.5-4.49 is installed OR php7-zlib-7.2.5-4.49 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ft2demos-2.5.5-7.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.48 is installed OR kernel-default-base-3.12.74-60.64.48 is installed OR kernel-default-devel-3.12.74-60.64.48 is installed OR kernel-default-man-3.12.74-60.64.48 is installed OR kernel-devel-3.12.74-60.64.48 is installed OR kernel-macros-3.12.74-60.64.48 is installed OR kernel-source-3.12.74-60.64.48 is installed OR kernel-syms-3.12.74-60.64.48 is installed OR kernel-xen-3.12.74-60.64.48 is installed OR kernel-xen-base-3.12.74-60.64.48 is installed OR kernel-xen-devel-3.12.74-60.64.48 is installed OR kgraft-patch-3_12_74-60_64_48-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-1-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_24-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_9-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information python3-rpm-4.11.2-16.21 is installed OR rpm-4.11.2-16.21 is installed OR rpm-32bit-4.11.2-16.21 is installed OR rpm-build-4.11.2-16.21 is installed OR rpm-python-4.11.2-16.21 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libpcp-devel-3.11.9-5.8 is installed OR libpcp3-3.11.9-5.8 is installed OR libpcp_gui2-3.11.9-5.8 is installed OR libpcp_import1-3.11.9-5.8 is installed OR libpcp_mmv1-3.11.9-5.8 is installed OR libpcp_trace2-3.11.9-5.8 is installed OR libpcp_web1-3.11.9-5.8 is installed OR pcp-3.11.9-5.8 is installed OR pcp-conf-3.11.9-5.8 is installed OR pcp-devel-3.11.9-5.8 is installed OR pcp-doc-3.11.9-5.8 is installed OR pcp-import-iostat2pcp-3.11.9-5.8 is installed OR pcp-import-mrtg2pcp-3.11.9-5.8 is installed OR pcp-import-sar2pcp-3.11.9-5.8 is installed OR perl-PCP-LogImport-3.11.9-5.8 is installed OR perl-PCP-LogSummary-3.11.9-5.8 is installed OR perl-PCP-MMV-3.11.9-5.8 is installed OR perl-PCP-PMDA-3.11.9-5.8 is installed OR python-pcp-3.11.9-5.8 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information qemu-2.11.2-9.36 is installed OR qemu-block-curl-2.11.2-9.36 is installed OR qemu-block-iscsi-2.11.2-9.36 is installed OR qemu-block-rbd-2.11.2-9.36 is installed OR qemu-block-ssh-2.11.2-9.36 is installed OR qemu-guest-agent-2.11.2-9.36 is installed OR qemu-ipxe-1.0.0+-9.36 is installed OR qemu-kvm-2.11.2-9.36 is installed OR qemu-lang-2.11.2-9.36 is installed OR qemu-ppc-2.11.2-9.36 is installed OR qemu-seabios-1.11.0-9.36 is installed OR qemu-sgabios-8-9.36 is installed OR qemu-tools-2.11.2-9.36 is installed OR qemu-vgabios-1.11.0-9.36 is installed OR qemu-x86-2.11.2-9.36 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.4.1-3.66 is installed OR MozillaThunderbird-translations-common-68.4.1-3.66 is installed OR MozillaThunderbird-translations-other-68.4.1-3.66 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information freerdp-2.1.2-15.10 is installed OR freerdp-devel-2.1.2-15.10 is installed OR libfreerdp2-2.1.2-15.10 is installed OR libwinpr2-2.1.2-15.10 is installed OR winpr2-devel-2.1.2-15.10 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr4.10-30.5 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr4.10-30.5 is installed OR java-1_8_0-ibm-devel-1.8.0_sr4.10-30.5 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr4.10-30.5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed
BACK