Oval Definition:	oval:org.opensuse.security:def:64036
Revision Date: 2020-12-01 Version: 1 Title: Security update for openssl-1_1 (Moderate) Description: This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key (bsc#1150250). - CVE-2019-1551: Fixed integer overflow in RSAZ modular exponentiation on x86_64 (bsc#1158809). - CVE-2019-1549: Fixed fork problem with random generator (bsc#1150247). - CVE-2019-1547: Fixed EC_GROUP_set_generator side channel attack avoidance (bsc#1150003). Bug fixes: - Ship the openssl 1.1.1 binary as openssl-1_1, and make it installable in parallel with the system openssl (bsc#1140277). - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430). Family: unix Class: patch Status: Reference(s): 1024288 1024291 1120629 1120630 1120631 1127155 1131823 1133925 1136936 1137977 1140277 1142529 1146219 1149143 1150003 1150247 1150250 1157268 1158809 1171889 1172698 1172704 1173369 1176579 1178512 CVE-2017-2579 CVE-2017-2580 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2019-14241 CVE-2019-1547 CVE-2019-1549 CVE-2019-1551 CVE-2019-1563 CVE-2019-18934 CVE-2019-5869 CVE-2020-12662 CVE-2020-12663 CVE-2020-1472 CVE-2020-15011 CVE-2020-28196 CVE-2020-8023 openSUSE-SU-2019:1605-1 openSUSE-SU-2019:2080-1 openSUSE-SU-2019:2556-1 openSUSE-SU-2020:0912-1 openSUSE-SU-2020:0976-1 openSUSE-SU-2020:1513-1 SUSE-SU-2020:0099-1 SUSE-SU-2020:2048-1 SUSE-SU-2020:3379-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libnetpbm-devel-10.80.1-lp151.4.3 is installed OR libnetpbm11-10.80.1-lp151.4.3 is installed OR libnetpbm11-32bit-10.80.1-lp151.4.3 is installed OR netpbm-10.80.1-lp151.4.3 is installed OR netpbm-vulnerable-10.80.1-lp151.4.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information libldap-2_4-2-2.4.46-lp152.14.3 is installed OR libldap-2_4-2-32bit-2.4.46-lp152.14.3 is installed OR libldap-data-2.4.46-lp152.14.3 is installed OR openldap2-2.4.46-lp152.14.3 is installed OR openldap2-back-meta-2.4.46-lp152.14.3 is installed OR openldap2-back-perl-2.4.46-lp152.14.3 is installed OR openldap2-back-sock-2.4.46-lp152.14.3 is installed OR openldap2-back-sql-2.4.46-lp152.14.3 is installed OR openldap2-client-2.4.46-lp152.14.3 is installed OR openldap2-contrib-2.4.46-lp152.14.3 is installed OR openldap2-devel-2.4.46-lp152.14.3 is installed OR openldap2-devel-32bit-2.4.46-lp152.14.3 is installed OR openldap2-devel-static-2.4.46-lp152.14.3 is installed OR openldap2-doc-2.4.46-lp152.14.3 is installed OR openldap2-ppolicy-check-password-1.2-lp152.14.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libopenssl1_1-1.1.1d-2.20 is installed OR libopenssl1_1-32bit-1.1.1d-2.20 is installed OR openssl-1_1-1.1.1d-2.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libsolv-0.6.36-2.30 is installed OR libsolv-devel-0.6.36-2.30 is installed OR libsolv-tools-0.6.36-2.30 is installed OR perl-solv-0.6.36-2.30 is installed OR python-solv-0.6.36-2.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND mailman-2.1.17-3.23 is installed
BACK