SUSE-SU-2020:0474-1

Опубликовано: 25 фев. 2020

Источник: suse-cvrf

Описание

Security update for openssl

This update for openssl fixes the following issues:

Security issue fixed:

CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809).

Non-security issue fixed:

Fixed a crash in BN_copy (bsc#1160163).

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

libopenssl1_0_0-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

Container suse/sles12sp3:latest

libopenssl1_0_0-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

HPE Helion OpenStack 8

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Enterprise Storage 5

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server 12 SP2-BCL

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server 12 SP2-LTSS

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server 12 SP3-BCL

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server 12 SP3-LTSS

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE OpenStack Cloud 7

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE OpenStack Cloud 8

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

SUSE OpenStack Cloud Crowbar 8

libopenssl-devel-1.0.2j-60.60.1

libopenssl1_0_0-1.0.2j-60.60.1

libopenssl1_0_0-32bit-1.0.2j-60.60.1

libopenssl1_0_0-hmac-1.0.2j-60.60.1

libopenssl1_0_0-hmac-32bit-1.0.2j-60.60.1

openssl-1.0.2j-60.60.1

openssl-doc-1.0.2j-60.60.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20200474-1/
Link for SUSE-SU-2020:0474-1
https://lists.suse.com/pipermail/sle-security-updates/2020-February/006529.html
E-Mail link for SUSE-SU-2020:0474-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1117951
SUSE Bug 1117951
https://bugzilla.suse.com/1158809
SUSE Bug 1158809
https://bugzilla.suse.com/1160163
SUSE Bug 1160163
https://www.suse.com/security/cve/CVE-2019-1551/
SUSE CVE CVE-2019-1551 page

Описание

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).

Затронутые продукты

Container caasp/v4/nginx-ingress-controller:beta1:libopenssl1_0_0-1.0.2j-60.60.1

Container caasp/v4/nginx-ingress-controller:beta1:openssl-1.0.2j-60.60.1

Container suse/sles12sp3:latest:libopenssl1_0_0-1.0.2j-60.60.1

Container suse/sles12sp3:latest:openssl-1.0.2j-60.60.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-1551.html
CVE-2019-1551
https://bugzilla.suse.com/1158809
SUSE Bug 1158809
https://bugzilla.suse.com/1205621
SUSE Bug 1205621

SUSE-SU-2020:0474-1

Описание

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

Container suse/sles12sp3:latest

HPE Helion OpenStack 8

SUSE Enterprise Storage 5

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE OpenStack Cloud 7

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud Crowbar 8

Ссылки

Уязвимость: CVE-2019-1551

Описание

Затронутые продукты

Ссылки