Vulnerability CVE-2019-1543

Vulnerability Name:

CVE-2019-1543 (CCN-157841)

Assigned:

2018-11-28

Published:

2019-03-06

Updated:

2021-07-31

Summary:

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).

CVSS v3 Severity:

7.4 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): None

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
4.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

2.9 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
2.6 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-327
CWE-330
CWE-323

Vulnerability Consequences:

Obtain Information

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:openssl:openssl:*:*:*:*:*:*:*:* (Version >= 1.1.1 and <= 1.1.1b)

OR cpe:/a:openssl:openssl:*:*:*:*:*:*:*:* (Version >= 1.1.0 and <= 1.1.0j)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:openssl:openssl:1.1.0:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*

AND

cpe:/o:ibm:i:7.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:enterprise_manager:12.1.0.5:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*

OR cpe:/a:oracle:enterprise_manager:13.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:virtual_router_appliance_firmware:vyatta_5600:*:*:*:*:*:*:*

OR cpe:/a:oracle:vm_virtualbox:6.0.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:vm_virtualbox:5.2.30:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_studio_local:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:aspera_orchestrator:3.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:aspera_console:3.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:aspera_shares:1.9.12:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20191543	V	CVE-2019-1543	2023-06-22
oval:org.opensuse.security:def:7630	P	libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7528	P	hplip-devel-3.21.10-150400.3.5.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7506	P	giflib-devel-5.2.1-150000.4.8.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:765	P	Security update for libtirpc (Important)	2022-09-19
oval:org.opensuse.security:def:3223	P	libopenssl1_1-1.1.1c-2.17.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3377	P	sysstat-12.0.2-10.24.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3045	P	cups-pk-helper-0.2.5-5.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3365	P	shim-14-25.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94675	P	libopenssl-1_1-devel-1.1.1l-150400.5.14 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:93821	P	(Important)	2022-06-16
oval:org.opensuse.security:def:170	P	libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:380	P	virtualbox-guest-tools-6.1.32-lp154.1.83 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:460	P	Security update for libcaca (Moderate)	2022-04-29
oval:org.opensuse.security:def:112741	P	libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:10670	P	Security update for MozillaThunderbird (Important)	2021-12-22
oval:org.opensuse.security:def:57147	P	Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:8687	P	Security update for glib-networking (Important)	2021-12-10
oval:org.opensuse.security:def:8870	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:46316	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:10370	P	Security update for poppler (Important)	2021-12-01
oval:org.opensuse.security:def:8672	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:69752	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:10362	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:8857	P	Security update for salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:10661	P	Security update for the Linux Kernel (Important)	2021-10-15
oval:org.opensuse.security:def:8848	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106213	P	libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:49299	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:96669	P	libopenssl-1_1-devel-1.1.0i-12.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89704	P	libopenssl-1_1-devel-1.1.0i-12.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71290	P	libopenssl-1_1-devel-1.1.0i-12.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103359	P	libopenssl-1_1-devel-1.1.0i-12.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2102	P	389-ds-1.4.0.3-2.39 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61549	P	libopenssl-1_1-devel-1.1.0i-12.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:6704	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15) (Important)	2021-09-16
oval:org.opensuse.security:def:8839	P	Security update for openssl-1_1 (Low)	2021-09-07
oval:org.opensuse.security:def:57073	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:74303	P	Security update for MozillaFirefox (Important)	2021-08-19
oval:org.opensuse.security:def:47297	P	java-1_8_0-openjdk-1.8.0.131-26.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46996	P	libXp6-1.0.2-3.57 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47982	P	cups-1.7.5-20.23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47682	P	libXrandr2-1.5.0-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47117	P	pam-modules-12.1-23.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47996	P	dracut-044.2-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13813	P	elfutils-0.158-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47896	P	supportutils-3.0-95.18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47310	P	libX11-6-1.6.2-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48162	P	libopenssl1_1-1.1.1c-2.17.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15042	P	libopenssl1_1-1.1.1c-2.17.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48117	P	libgnomesu-2.0.0-353.6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48138	P	libkpathsea6-6.2.0dev-22.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46981	P	krb5-appl-clients-1.0.3-1.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47980	P	cron-4.2-59.10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13791	P	cpp48-4.8.5-30.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48107	P	libevent-2_0-5-2.0.21-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48042	P	hplip-3.16.11-1.33 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47442	P	mailman-2.1.17-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48310	P	squid-4.8-2.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48209	P	libu2f-host0-1.1.6-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46982	P	libFLAC++6-1.3.0-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47246	P	e2fsprogs-1.42.11-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47981	P	ctags-5.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47534	P	xlockmore-5.43-5.30 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63414	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63375	P	sca-patterns-sle15-1.0.1-12.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63507	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100946	P	libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1099	P	libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62227	P	libthai-data-0.1.27-1.16 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71929	P	libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62188	P	libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62030	P	autoyast2-4.3.77-1.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62031	P	avahi-0.7-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62834	P	vino-3.22.0-9.32 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62054	P	cups-2.2.7-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:23946	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:8625	P	Security update for linuxptp (Important)	2021-07-27
oval:org.opensuse.security:def:8806	P	Security update for nodejs10 (Important)	2021-07-15
oval:org.opensuse.security:def:6685	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important)	2021-07-14
oval:org.opensuse.security:def:10683	P	Security update for bluez (Moderate)	2021-07-12
oval:org.opensuse.security:def:9530	P	Security update for spice (Important)	2021-06-11
oval:org.opensuse.security:def:8781	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:11343	P	libXrandr2-1.4.2-3.56 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48847	P	lhasa-0.2.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70947	P	libXext-devel-1.3.3-1.30 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48534	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46543	P	opie-2.4-724.56 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46396	P	cpp48-4.8.3+r212056-6.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11321	P	hardlink-1.0-6.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48901	P	freerdp-2.0.0~git.1463131968.4e66df7-12.3.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46514	P	librpcsecgss3-0.19-16.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62848	P	crash-7.2.1-1.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46455	P	libXcursor1-1.1.14-3.59 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48682	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46608	P	accountsservice-0.6.35-3.10 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48896	P	colord-1.3.3-12.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71060	P	openslp-2.0.0-4.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48442	P	gzip-1.6-7.209 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:6670	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15) (Important)	2021-05-25
oval:org.opensuse.security:def:1464	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:9508	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:37498	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:8557	P	Security update for zstd (Moderate)	2021-04-08
oval:org.opensuse.security:def:6868	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:23772	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:38338	P	Security update for wavpack (Important)	2021-03-19
oval:org.opensuse.security:def:23763	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:51748	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:8706	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:10392	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:24019	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:69857	P	Security update for wavpack (Moderate)	2021-01-21
oval:org.opensuse.security:def:8579	P	Security update for tcmu-runner (Important)	2021-01-18
oval:org.opensuse.security:def:45583	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:49138	P	Security update for slurm_18_08 (Important)	2020-12-17
oval:org.opensuse.security:def:64273	P	Security update for openssl-1_1 (Important)	2020-12-09
oval:org.opensuse.security:def:6846	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2020-12-07
oval:org.opensuse.security:def:12832	P	autofs-5.1.3-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61854	P	libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12840	P	bubblewrap-0.3.3-1.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62569	P	libnetpbm-devel-10.80.1-3.3.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12989	P	libgcrypt20-1.6.1-16.68.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13036	P	libopenssl1_1-1.1.1c-2.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12862	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62502	P	NetworkManager-1.10.6-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13064	P	libshibsp-lite6-2.5.5-6.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4021	P	libopenssl-1_1-devel-1.1.1c-2.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12908	P	gstreamer-plugins-good-1.8.3-15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63611	P	colord-gtk-lang-0.1.26-1.48 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62700	P	libsrtp-devel-1.6.0-2.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63050	P	python2-numpy-gnu-hpc-1.14.0-2.105 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13089	P	libvirglrenderer0-0.5.0-11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62369	P	containerd-1.2.2-5.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116758	P	libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12955	P	libXp6-1.0.2-3.57 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100534	P	libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13153	P	python-cupshelpers-1.5.7-7.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16857	P	libopenssl-1_1-devel-1.1.1c-2.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63188	P	uuidd-2.31.1-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48980	P	dia-0.97.3-15.63 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13140	P	perl-HTML-Parser-3.71-1.145 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62368	P	docker-17.09.1_ce-4.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13131	P	pam_ssh-2.0-1.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71595	P	libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62392	P	PackageKit-1.1.10-2.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12970	P	libass5-0.10.2-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49042	P	libwmf-0_2-7-0.2.8.4-242.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107200	P	libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63052	P	python2-numpy-gnu-hpc-1.14.0-4.5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2687	P	Security update for gnutls (Important)	2020-12-02
oval:org.opensuse.security:def:2646	P	Security update for webkit2gtk3 (Moderate)	2020-12-02
oval:org.opensuse.security:def:2711	P	Security update for openexr (Moderate)	2020-12-02
oval:org.opensuse.security:def:2658	P	Security update for texlive (Important)	2020-12-02
oval:org.opensuse.security:def:2636	P	Security update for wireshark (Moderate)	2020-12-02
oval:org.opensuse.security:def:2717	P	Security update for flatpak (Moderate)	2020-12-02
oval:org.opensuse.security:def:2725	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2672	P	Security update for ghostscript (Important)	2020-12-02
oval:org.opensuse.security:def:2727	P	Security update for python (Moderate)	2020-12-02
oval:org.opensuse.security:def:2678	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:2640	P	Security update for libcdio (Low)	2020-12-02
oval:org.opensuse.security:def:36799	P	bash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18135	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:6855	P	unixODBC on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49504	P	bubblewrap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37586	P	libspice-client-glib-2_0-8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49209	P	libosinfo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54953	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18435	P	Security update for gdk-pixbuf (Important)	2020-12-01
oval:org.opensuse.security:def:67607	P	giflib-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10594	P	rpm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37547	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50399	P	Security update for libpng16 (Low)	2020-12-01
oval:org.opensuse.security:def:49153	P	libXv-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37132	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50233	P	kernel-default-extra on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18413	P	Security update for freeradius-server (Important)	2020-12-01
oval:org.opensuse.security:def:25097	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:51810	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:24330	P	Security update for smt, yast2-smt (Important)	2020-12-01
oval:org.opensuse.security:def:50368	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:6547	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54296	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45767	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:18401	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:37658	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73192	P	libopenssl-1_1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6555	P	at on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18166	P	Security update for xerces-j2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50303	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:36800	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49650	P	libXcursor1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63741	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:67707	P	libopenssl-1_1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45457	P	Security update for samba, talloc, tevent (Moderate)	2020-12-01
oval:org.opensuse.security:def:55119	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:17951	P	Security update for libimobiledevice, usbmuxd (Important)	2020-12-01
oval:org.opensuse.security:def:10619	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50472	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17959	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:37189	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24459	P	Security update for sqlite3 (Important)	2020-12-01
oval:org.opensuse.security:def:49154	P	libXvMC-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63749	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:49152	P	libXtst-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54436	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45891	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:24421	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64360	P	libopenssl-1_1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6577	P	cups-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10485	P	libasm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18202	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:63709	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:73074	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8549	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36811	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49748	P	ocaml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63875	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:24409	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:24068	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:55404	P	unzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66409	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:45458	P	Security update for postgresql96 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6779	P	libwireshark8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38296	P	libgssglue1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17993	P	Security update for libpng12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37279	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49206	P	libopenssl-1_1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49172	P	libhogweed4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63854	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:19099	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:54674	P	rtkit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45975	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:6623	P	grub2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10500	P	libgpgme-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18312	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:64237	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50485	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:36895	P	libcgroup-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49905	P	cloud-init on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63981	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:55716	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:66501	P	libopenssl-1_1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54273	P	libjasper1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24138	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:55512	P	Security update for libtasn1 (Low)	2020-12-01
oval:org.opensuse.security:def:64125	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:45470	P	Security update for memcached (Important)	2020-12-01
oval:org.opensuse.security:def:6804	P	pam-modules on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55678	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:18078	P	Security update for cairo (Moderate)	2020-12-01
oval:org.opensuse.security:def:37439	P	ghostscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64083	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:63804	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:55604	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:23828	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:54847	P	libarchive13 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46109	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:19073	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50539	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10519	P	libmodplug-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18344	P	Security update for postgresql96 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49107	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74177	P	Security update for rubygem-puma (Moderate)	2020-12-01
oval:org.opensuse.security:def:25129	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37031	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50143	P	enigmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55797	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:24281	P	Security update for libsoup (Moderate)	2020-12-01
oval:org.opensuse.security:def:54274	P	libjavascriptcoregtk-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6837	P	rtkit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37614	P	libz1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63889	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20193700	P	RHSA-2019:3700: openssl security, bug fix, and enhancement update (Low)	2019-11-05
oval:org.opensuse.security:def:109927	P	Security update for virtualbox (Important)	2019-07-30
oval:org.opensuse.security:def:88867	P	Security update for openssl-1_1 (Moderate)	2019-03-28
oval:org.opensuse.security:def:126056	P	Security update for openssl-1_1 (Moderate)	2019-03-28
oval:org.opensuse.security:def:79781	P	Security update for openssl-1_1 (Moderate)	2019-03-28
oval:org.opensuse.security:def:126443	P	Security update for openssl-1_1 (Moderate)	2019-03-28
oval:org.opensuse.security:def:125016	P	Security update for openssl-1_1 (Moderate)	2019-03-28
oval:com.ubuntu.xenial:def:201915430000000	V	CVE-2019-1543 on Ubuntu 16.04 LTS (xenial) - low.	2019-03-06
oval:com.ubuntu.bionic:def:20191543000	V	CVE-2019-1543 on Ubuntu 18.04 LTS (bionic) - low.	2019-03-06
oval:com.ubuntu.disco:def:201915430000000	V	CVE-2019-1543 on Ubuntu 19.04 (disco) - low.	2019-03-06
oval:com.ubuntu.cosmic:def:20191543000	V	CVE-2019-1543 on Ubuntu 18.10 (cosmic) - low.	2019-03-06
oval:com.ubuntu.cosmic:def:201915430000000	V	CVE-2019-1543 on Ubuntu 18.10 (cosmic) - low.	2019-03-06
oval:com.ubuntu.trusty:def:20191543000	V	CVE-2019-1543 on Ubuntu 14.04 LTS (trusty) - low.	2019-03-06
oval:com.ubuntu.bionic:def:201915430000000	V	CVE-2019-1543 on Ubuntu 18.04 LTS (bionic) - low.	2019-03-06
oval:com.ubuntu.xenial:def:20191543000	V	CVE-2019-1543 on Ubuntu 16.04 LTS (xenial) - low.	2019-03-06

BACK