SUSE-SU-2021:2136-1

Published: 23 Jun 2021
Source: suse-cvrf

Description

Security update for cryptctl

This update for cryptctl fixes the following issues:

Update to version 2.4:

  • CVE-2019-18906: Client side password hashing was equivalent to clear text password storage (bsc#1186226)
  • First step to use plain text password instead of hashed password.
  • Move repository into the SUSE GitHub organization.
  • In the RPC server, if a client connects from localhost, remember its IPv4 localhost address instead of its IPv6 address.
  • Tell a record to clear expired pending commands upon saving a command result; introduce a pending commands RPC test case.
  • Avoid hard-coding 127.0.0.1 in the host ID of the alive message test; let the system administrator mount and unmount disks by issuing these two commands on the key server.

Package list

Image SLES15-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP6-SAP-Azure-LI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS
cryptctl-2.4-4.5.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP7-SAP-Azure-LI-BYOS-Production
cryptctl-2.4-4.5.1
Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production
cryptctl-2.4-4.5.1
SUSE Enterprise Storage 6
cryptctl-2.4-4.5.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
cryptctl-2.4-4.5.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Module for SAP Applications 15
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Module for SAP Applications 15 SP1
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Server 15 SP1-BCL
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Server 15 SP1-LTSS
cryptctl-2.4-4.5.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
cryptctl-2.4-4.5.1
SUSE Manager Proxy 4.0
cryptctl-2.4-4.5.1
SUSE Manager Retail Branch Server 4.0
cryptctl-2.4-4.5.1
SUSE Manager Server 4.0
cryptctl-2.4-4.5.1

Description

An Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.


Affected products
Image SLES15-SAP-Azure-LI-BYOS-Production:cryptctl-2.4-4.5.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:cryptctl-2.4-4.5.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:cryptctl-2.4-4.5.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:cryptctl-2.4-4.5.1

References
Vulnerability SUSE-SU-2021:2136-1