Oval Definition:
oval:org.opensuse.security:def:79548
Revision Date
:
2018-12-05
Version
:
1
Title
:
Security update for openssl-1_0_0 (Moderate)
Description
:
This update for openssl-1_0_0 fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534). - Add missing timing side channel patch for DSA signature generation (bsc#1113742).
Non-security issues fixed:
- Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209). - Set TLS version to 0 in msg_callback for record messages to avoid confusing applications (bsc#1100078).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1100078
1112209
1113534
1113652
1113742
CVE-2018-0734
CVE-2018-5407
SUSE-SU-2018:3989-1
Platform(s)
:
SUSE Linux Enterprise Desktop 12 SP4
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND
Package Information
libopenssl-1_0_0-devel-1.0.2p-3.3.1 is installed
OR
libopenssl1_0_0-1.0.2p-3.3.1 is installed
OR
libopenssl1_0_0-32bit-1.0.2p-3.3.1 is installed
OR
openssl-1_0_0-1.0.2p-3.3.1 is installed
BACK