Описание
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues:
- CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099).
Список пакетов
Container caasp/v4/cilium-operator:1.6.6
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Container caasp/v4/cilium:1.6.6
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Container caasp/v4/helm-tiller:2.16.12
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Container suse/sle15:15.1
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-CHOST-BYOS-Azure
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-CHOST-BYOS-EC2
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-CHOST-BYOS-GCE
libopenssl1_1-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-SAPCAL-Azure
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-SAPCAL-EC2-HVM
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Image SLES15-SP1-SAPCAL-GCE
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Enterprise Storage 6
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Linux Enterprise Server 15 SP1-BCL
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libopenssl-1_1-devel-1.1.0i-150100.14.36.1
libopenssl-1_1-devel-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-1.1.0i-150100.14.36.1
libopenssl1_1-32bit-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-1.1.0i-150100.14.36.1
libopenssl1_1-hmac-32bit-1.1.0i-150100.14.36.1
openssl-1_1-1.1.0i-150100.14.36.1
Ссылки
- Link for SUSE-SU-2022:2311-1
- E-Mail link for SUSE-SU-2022:2311-1
- SUSE Security Ratings
- SUSE Bug 1201099
- SUSE CVE CVE-2022-2097 page
Описание
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
Затронутые продукты
Container caasp/v4/cilium-operator:1.6.6:libopenssl1_1-1.1.0i-150100.14.36.1
Container caasp/v4/cilium-operator:1.6.6:openssl-1_1-1.1.0i-150100.14.36.1
Container caasp/v4/cilium:1.6.6:libopenssl1_1-1.1.0i-150100.14.36.1
Container caasp/v4/cilium:1.6.6:openssl-1_1-1.1.0i-150100.14.36.1
Ссылки
- CVE-2022-2097
- SUSE Bug 1201099
- SUSE Bug 1201332