Vulnerability CVE-2011-4354 - CERT Civis.Net

Vulnerability Name:

CVE-2011-4354 (CCN-71601)

Assigned:

2011-09-06

Published:

2011-09-06

Updated:

2012-11-06

Summary:

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MISC
Type: UNKNOWN
http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip

Source: MITRE
Type: CNA
CVE-2011-4354

Source: CONFIRM
Type: UNKNOWN
http://cvs.openssl.org/filediff?f=openssl/crypto/bn/bn_nist.c&v1=1.14&v2=1.21

Source: MISC
Type: UNKNOWN
http://eprint.iacr.org/2011/633

Source: CONFIRM
Type: UNKNOWN
http://marc.info/?t=119271238800004

Source: CCN
Type: OpenSSL Security Advisory [6 September 2011]
Two security flaws have been fixed in OpenSSL 1.0.0e

Source: MLIST
Type: UNKNOWN
[oss-security] 20111201 CVE-2011-4354 OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys

Source: CONFIRM
Type: UNKNOWN
http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest

Source: CCN
Type: SA53446
IBM Security Virtual Server Protection for VMware OpenSSL Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1636105
IBM Security Virtual Server Protection for VMware System can be affected by vulnerabilities in OpenSSL (CVE-2013-0169, CVE-2013-0166, and CVE-2011-4354)

Source: DEBIAN
Type: UNKNOWN
DSA-2390

Source: DEBIAN
Type: DSA-2390
openssl -- several vulnerabilities

Source: CCN
Type: OpenSSL Web site
OpenSSL

Source: CCN
Type: OSVDB ID: 77650
OpenSSL crypto/bn/bn_nist.c ECC TLS Server Private Key Disclosure

Source: CCN
Type: BID-50882
OpenSSL ECC Private Key Information Disclosure Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 757909
CVE-2011-4354 openssl: ECC private leak (disclosure of TLS server's private key)

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=757909

Source: XF
Type: UNKNOWN
openssl-ecc-info-disclosure(71601)

Vulnerable Configuration:

Configuration 1:

cpe:/a:openssl:openssl:0.9.1c:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.2b:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.3:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.3a:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.4:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5:beta1:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5:beta2:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5a:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5a:beta1:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.5a:beta2:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6:beta1:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6:beta2:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6:beta3:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6a:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6a:beta1:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6a:beta2:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6a:beta3:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6b:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6c:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6d:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6e:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6f:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6g:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6h:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6i:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6j:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6k:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6l:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.6m:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta1:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta2:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta3:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta4:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta5:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7:beta6:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7b:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7c:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7d:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7e:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7f:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7g:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7h:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7i:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7j:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7k:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7l:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.7m:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8a:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8b:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8c:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8d:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8e:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:0.9.8f:*:*:*:*:*:x86:*

OR cpe:/a:openssl:openssl:*:*:*:*:*:*:x86:* (Version <= 0.9.8g)

Configuration CCN 1:

cpe:/a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7730	P	pam-1.3.0-150000.6.61.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7708	P	libzip-devel-1.8.0-150400.1.7 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51990	P	Security update for podman (Important)	2023-01-27
oval:org.opensuse.security:def:51572	P	Security update for supportutils (Moderate)	2022-11-29
oval:org.opensuse.security:def:20114354	V	CVE-2011-4354	2022-09-02
oval:org.opensuse.security:def:6120	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-08-31
oval:org.opensuse.security:def:6134	P	Security update for ncurses (Moderate)	2022-08-09
oval:org.opensuse.security:def:6112	P	Security update for xen (Important)	2022-07-27
oval:org.opensuse.security:def:5296	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2022-07-22
oval:org.opensuse.security:def:6104	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2022-07-22
oval:org.opensuse.security:def:6098	P	Security update for logrotate (Important)	2022-07-14
oval:org.opensuse.security:def:123808	P	libopenssl0_9_8-0.9.8j-106.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:5277	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:6071	P	Security update for xen (Important)	2022-06-14
oval:org.opensuse.security:def:6336	P	Security update for gimp (Moderate)	2022-05-31
oval:org.opensuse.security:def:6058	P	Security update for postgresql14 (Important)	2022-05-27
oval:org.opensuse.security:def:5262	P	Security update for postgresql12 (Important)	2022-05-27
oval:org.opensuse.security:def:6049	P	Security update for postgresql10 (Important)	2022-05-23
oval:org.opensuse.security:def:6040	P	Security update for e2fsprogs (Important)	2022-05-17
oval:org.opensuse.security:def:42369	P	Security update for dnsmasq (Important)	2022-04-22
oval:org.opensuse.security:def:6007	P	Security update for libexif (Important)	2022-04-12
oval:org.opensuse.security:def:5371	P	Security update for openssl-1_0_0 (Important)	2022-03-15
oval:org.opensuse.security:def:6361	P	Security update for the Linux Kernel (Important)	2022-03-09
oval:org.opensuse.security:def:6180	P	Security update for expat (Important)	2022-03-03
oval:org.opensuse.security:def:5215	P	Security update for MozillaFirefox (Important)	2022-01-18
oval:org.opensuse.security:def:26223	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:7006	P	Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:5169	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:6261	P	Security update for MozillaFirefox (Important)	2021-12-10
oval:org.opensuse.security:def:26181	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:51707	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:51708	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:5907	P	Security update for webkit2gtk3 (Important)	2021-12-02
oval:org.opensuse.security:def:6242	P	Security update for mariadb (Moderate)	2021-12-01
oval:org.opensuse.security:def:5151	P	Security update for MozillaFirefox (Important)	2021-11-17
oval:org.opensuse.security:def:5888	P	Recommended update for clamav-database (Low)	2021-11-16
oval:org.opensuse.security:def:6227	P	Security update for samba (Important)	2021-11-15
oval:org.opensuse.security:def:5147	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:5873	P	Security update for pcre (Moderate)	2021-10-27
oval:org.opensuse.security:def:5139	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32205	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:6981	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-10-14
oval:org.opensuse.security:def:6709	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15) (Important)	2021-10-12
oval:org.opensuse.security:def:5853	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:26142	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:55255	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:5126	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:5875	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:31684	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:32183	P	Security update for gtk-vnc (Moderate)	2021-09-16
oval:org.opensuse.security:def:5826	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:31672	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:26097	P	Security update for lasso (Important)	2021-08-02
oval:org.opensuse.security:def:26095	P	Security update for glibc (Moderate)	2021-07-27
oval:org.opensuse.security:def:32144	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:5780	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:26089	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:5758	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31647	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:5751	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:5750	P	Security update for apache2 (Important)	2021-06-22
oval:org.opensuse.security:def:32126	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:5738	P	Security update for djvulibre (Important)	2021-06-10
oval:org.opensuse.security:def:6906	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:77215	P	libopenssl0_9_8-0.9.8j-102.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11628	P	libopenssl0_9_8-0.9.8j-81.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42613	P	libopenssl0_9_8-0.9.8j-0.70.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36206	P	libopenssl0_9_8-0.9.8j-0.70.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:77535	P	libopenssl0_9_8-0.9.8j-105.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11919	P	libopenssl0_9_8-0.9.8j-102.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:76679	P	libopenssl0_9_8-0.9.8j-59.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36470	P	libopenssl-devel-0.9.8j-0.70.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:77889	P	libopenssl0_9_8-0.9.8j-106.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12239	P	libopenssl0_9_8-0.9.8j-105.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36538	P	php53-devel-5.3.17-0.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:51579	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:76924	P	libopenssl0_9_8-0.9.8j-81.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11383	P	libopenssl0_9_8-0.9.8j-59.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36496	P	libtool-2.2.6-2.131.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12593	P	libopenssl0_9_8-0.9.8j-106.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:5729	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:5720	P	Security update for slurm_18_08 (Important)	2021-06-04
oval:org.opensuse.security:def:5051	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:32926	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:7085	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP2) (Important)	2021-05-25
oval:org.opensuse.security:def:32095	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:5687	P	Security update for the Linux Kernel (Important)	2021-05-17
oval:org.opensuse.security:def:55181	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:13239	P	libopenssl0_9_8-0.9.8j-59.11 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:46359	P	libopenssl0_9_8-0.9.8j-59.11 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:6887	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:26040	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:5662	P	Security update for librsvg (Moderate)	2021-04-23
oval:org.opensuse.security:def:51870	P	Security update for glibc (Important)	2021-04-13
oval:org.opensuse.security:def:7063	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP2) (Important)	2021-04-07
oval:org.opensuse.security:def:6872	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:5202	P	Security update for openssl-1_1 (Important)	2021-03-25
oval:org.opensuse.security:def:5982	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:32282	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:6731	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important)	2021-03-17
oval:org.opensuse.security:def:52028	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:5193	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:51745	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:31739	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:52050	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:52017	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:51171	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:51172	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:5184	P	Security update for postgresql13 (Moderate)	2021-02-22
oval:org.opensuse.security:def:26191	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:51730	P	Security update for wpa_supplicant (Important)	2021-02-15
oval:org.opensuse.security:def:32249	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31673	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:5017	P	Security update for php72 (Moderate)	2021-01-14
oval:org.opensuse.security:def:26031	P	Security update for php74 (Moderate)	2021-01-14
oval:org.opensuse.security:def:7070	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:52027	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:5032	P	Security update for gimp (Moderate)	2021-01-04
oval:org.opensuse.security:def:4970	P	Security update for openexr (Moderate)	2020-12-23
oval:org.opensuse.security:def:7057	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2) (Important)	2020-12-16
oval:org.opensuse.security:def:35231	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:7048	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:35639	P	star-1.5final-28.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35786	P	mozilla-xulrunner192-1.9.2.24-0.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35858	P	PolicyKit-0.9-14.41.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35747	P	libgdiplus0-2.6.7-0.5.76 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35698	P	foomatic-filters-3.0.2-269.35.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35814	P	pyxml-0.8.4-194.23.38 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35962	P	libopenssl0_9_8-0.9.8j-0.50.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4894	P	Security update for postgresql10 (Important)	2020-12-02
oval:org.opensuse.security:def:5506	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:5429	P	Security update for cups (Important)	2020-12-02
oval:org.opensuse.security:def:5460	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:5587	P	Security update for ffmpeg (Moderate)	2020-12-02
oval:org.opensuse.security:def:5396	P	Security update for krb5 (Moderate)	2020-12-02
oval:org.opensuse.security:def:5447	P	Security update for dovecot23 (Important)	2020-12-02
oval:org.opensuse.security:def:5438	P	Security update for rmt-server (Moderate)	2020-12-02
oval:org.opensuse.security:def:5430	P	Security update for webkit2gtk3 (Important)	2020-12-02
oval:org.opensuse.security:def:5568	P	Recommended update for ruby2.5 (Important)	2020-12-02
oval:org.opensuse.security:def:4924	P	Security update for freetds (Moderate)	2020-12-02
oval:org.opensuse.security:def:51851	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:5553	P	Security update for python-pip (Important)	2020-12-02
oval:org.opensuse.security:def:4902	P	Security update for virt-bootstrap (Moderate)	2020-12-02
oval:org.opensuse.security:def:25513	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:26304	P	Security update for python-keystoneclient (Moderate)	2020-12-01
oval:org.opensuse.security:def:25938	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:53824	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:51416	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31441	P	Security update for pixman (Moderate)	2020-12-01
oval:org.opensuse.security:def:52428	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52096	P	Security update for gstreamer-plugins-base (Important)	2020-12-01
oval:org.opensuse.security:def:6394	P	libksba8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26332	P	Security update for karchive (Important)	2020-12-01
oval:org.opensuse.security:def:25524	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31758	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:52955	P	Security update for graphviz (Moderate)	2020-12-01
oval:org.opensuse.security:def:52553	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52655	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52576	P	Security update for openssl-1_0_0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52695	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)	2020-12-01
oval:org.opensuse.security:def:51417	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6779	P	libwireshark8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26473	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26288	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26961	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31429	P	Recommended update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25831	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31796	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:53158	P	Security update for salt (Critical)	2020-12-01
oval:org.opensuse.security:def:53038	P	Security update for perl (Important)	2020-12-01
oval:org.opensuse.security:def:52859	P	Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:54216	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25512	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25854	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53786	P	Security update for icedtea-web (Important)	2020-12-01
oval:org.opensuse.security:def:53905	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:54581	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31430	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52190	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25756	P	Security update for python, python-base, python-doc (Moderate)	2020-12-01
oval:org.opensuse.security:def:32387	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32887	P	java-1_7_0-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52782	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15) (Important)	2020-12-01
oval:org.opensuse.security:def:52387	P	Security update for go1.13 (Important)	2020-12-01
oval:org.opensuse.security:def:52302	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:7039	P	libgc1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6412	P	libotr5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6757	P	libsnmp30-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26596	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26434	P	Security update for pdns (Important)	2020-12-01
oval:org.opensuse.security:def:26244	P	Security update for openconnect (Moderate)	2020-12-01
oval:org.opensuse.security:def:26926	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33169	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25767	P	Security update for DirectFB (Important)	2020-12-01
oval:org.opensuse.security:def:35095	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52873	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:52946	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:52821	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52940	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:51334	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26737	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26531	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27204	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25797	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32039	P	Security update for kernel modules packages (Moderate)	2020-12-01
oval:org.opensuse.security:def:53512	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:53358	P	Security update for mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:53150	P	Security update for targetcli-fb (Moderate)	2020-12-01
oval:org.opensuse.security:def:54507	P	krb5-appl-clients on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6749	P	libquicktime0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51817	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:25755	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:35479	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32338	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:54901	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52544	P	Security update for slurm (Moderate)	2020-12-01
oval:org.opensuse.security:def:52281	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:6403	P	libmpfr4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6425	P	libqt4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6411	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26020	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:26445	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26385	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:32448	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:33130	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35011	P	Security update for GPG2	2020-12-01
oval:org.opensuse.security:def:52707	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)	2020-12-01
oval:org.opensuse.security:def:52547	P	Security update for slurm (Important)	2020-12-01
oval:org.opensuse.security:def:52502	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:51194	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:26698	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26487	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:27169	P	libFLAC++6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25716	P	Security update for librsvg (Moderate)	2020-12-01
oval:org.opensuse.security:def:31982	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:53227	P	Security update for rmt-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:53266	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:53112	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:53231	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:54045	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26795	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27468	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34999	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:35389	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:53712	P	Security update for u-boot (Important)	2020-12-01
oval:org.opensuse.security:def:53470	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:54827	P	libQt5WebKit5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52404	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:52108	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:6389	P	libjavascriptcoregtk-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26019	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26361	P	Security update for kopete (Low)	2020-12-01
oval:org.opensuse.security:def:32426	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32492	P	boost-license on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35000	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:31515	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:52601	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52262	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52410	P	Security update for postgresql12 (Important)	2020-12-01
oval:org.opensuse.security:def:26649	P	wireshark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26230	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:52381	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:25588	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:31890	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:53061	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52838	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:52747	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15) (Important)	2020-12-01
oval:org.opensuse.security:def:52614	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:53971	P	gimp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51439	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:6825	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26751	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27433	P	libarchive-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:35332	P	Security update for mono-core (Moderate)	2020-12-01
oval:org.opensuse.security:def:31883	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:53620	P	Security update for dpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:53432	P	Security update for nodejs10 (Critical)	2020-12-01
oval:org.opensuse.security:def:53551	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:54290	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52382	P	Security update for ldb, samba (Important)	2020-12-01
oval:org.mitre.oval:def:24249	V	Vulnerability in OpenSSL before 0.9.8h on 32-bit platforms, allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts	2014-08-04
oval:org.mitre.oval:def:15500	P	USN-1357-1 -- OpenSSL vulnerabilities	2014-06-30
oval:org.mitre.oval:def:15286	P	DSA-2390-1 openssl -- several	2014-06-23