Oval Definition:oval:org.opensuse.security:def:56535
Revision Date:2020-12-01Version:1
Title:Security update for openssl (Moderate)
Description:

This update for openssl fixes the following issues:

- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158). - Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Family:unixClass:patch
Status:Reference(s):1012382
1044189
1052311
1052365
1063026
1066223
1070603
1073933
1076537
1081685
1082299
1082863
1082979
1083125
1083242
1083275
1083488
1084427
1084536
1085279
1085331
1085449
1086162
1086194
1087088
1087209
1087260
1088087
1088147
1088260
1088261
1089608
1089752
1090535
1090643
1091815
1093311
1094244
1094555
1094562
1095344
1095753
1096547
1097158
1097624
1098592
1099810
1102495
1102715
1102870
1102875
1102877
1102879
1102882
1102896
1103156
1103269
1106095
1106434
1106512
1106594
1106934
1106989
1106996
1107609
1107924
1108096
1108170
1108240
1108399
1108803
1108823
1109333
1109336
1109337
1109441
1110297
1110337
1110949
1120381
1122033
1124365
1124366
1124368
1128649
1130330
1131317
1132053
1132054
1132060
1151021
770619
958963
960155
CVE-2010-0405
CVE-2010-1674
CVE-2010-1675
CVE-2011-2721
CVE-2011-3627
CVE-2012-1457
CVE-2012-1458
CVE-2012-1459
CVE-2013-6497
CVE-2014-9050
CVE-2014-9328
CVE-2015-1461
CVE-2015-1462
CVE-2015-1463
CVE-2015-2170
CVE-2015-2221
CVE-2015-2222
CVE-2015-2305
CVE-2015-2668
CVE-2015-7236
CVE-2015-7552
CVE-2016-0752
CVE-2017-0861
CVE-2017-1000111
CVE-2017-1000112
CVE-2017-11089
CVE-2017-13220
CVE-2017-18191
CVE-2017-18203
CVE-2018-0732
CVE-2018-10087
CVE-2018-10124
CVE-2018-1087
CVE-2018-1417
CVE-2018-14613
CVE-2018-14617
CVE-2018-16276
CVE-2018-16412
CVE-2018-16413
CVE-2018-16597
CVE-2018-16644
CVE-2018-17182
CVE-2018-17456
CVE-2018-20467
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-7480
CVE-2018-7566
CVE-2018-7757
CVE-2018-8781
CVE-2018-8822
CVE-2018-8897
CVE-2019-10650
CVE-2019-11007
CVE-2019-11008
CVE-2019-11009
CVE-2019-14835
CVE-2019-7175
CVE-2019-7395
CVE-2019-7397
CVE-2019-7398
CVE-2019-9956
SUSE-SU-2016:0225-1
SUSE-SU-2016:0953-1
SUSE-SU-2017:2150-1
SUSE-SU-2018:0991-1
SUSE-SU-2018:1220-1
SUSE-SU-2018:1448-1
SUSE-SU-2018:1764-1
SUSE-SU-2018:1887-1
SUSE-SU-2018:3003-1
SUSE-SU-2018:4088-1
SUSE-SU-2019:1033-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libIlmImf-2_2-23-2.2.1-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.3 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND quagga-0.99.22.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND clamav-0.99.2-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • openslp-2.0.0-18.15 is installed
  • OR openslp-32bit-2.0.0-18.15 is installed
  • OR openslp-server-2.0.0-18.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gvim-7.4.326-16 is installed
  • OR vim-7.4.326-16 is installed
  • OR vim-data-7.4.326-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gvim-7.4.326-16 is installed
  • OR vim-7.4.326-16 is installed
  • OR vim-data-7.4.326-16 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • git-2.12.3-27.17 is installed
  • OR git-core-2.12.3-27.17 is installed
  • OR git-doc-2.12.3-27.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • dbus-1-1.8.22-29.17 is installed
  • OR dbus-1-x11-1.8.22-29.17 is installed
  • OR libdbus-1-3-1.8.22-29.17 is installed
  • OR libdbus-1-3-32bit-1.8.22-29.17 is installed
    • BACK