Описание
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues:
- CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099).
Список пакетов
Image SLES12-SP5-Azure-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-Basic-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-HPC-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-HPC-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-SAP-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-SAP-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-Standard-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-EC2-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-EC2-ECS-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-EC2-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-EC2-SAP-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-EC2-SAP-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-GCE-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-GCE-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-GCE-SAP-BYOS
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-GCE-SAP-On-Demand
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libopenssl1_1-1.1.1d-2.69.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
SUSE Linux Enterprise Server 12 SP5
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libopenssl-1_1-devel-1.1.1d-2.69.1
libopenssl-1_1-devel-32bit-1.1.1d-2.69.1
SUSE OpenStack Cloud 9
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
SUSE OpenStack Cloud Crowbar 9
libopenssl1_1-1.1.1d-2.69.1
libopenssl1_1-32bit-1.1.1d-2.69.1
libopenssl1_1-hmac-1.1.1d-2.69.1
libopenssl1_1-hmac-32bit-1.1.1d-2.69.1
openssl-1_1-1.1.1d-2.69.1
Ссылки
- Link for SUSE-SU-2022:2312-1
- E-Mail link for SUSE-SU-2022:2312-1
- SUSE Security Ratings
- SUSE Bug 1201099
- SUSE CVE CVE-2022-2097 page
Описание
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-Basic-On-Demand:libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-HPC-BYOS:libopenssl1_1-1.1.1d-2.69.1
Image SLES12-SP5-Azure-HPC-On-Demand:libopenssl1_1-1.1.1d-2.69.1
Ссылки
- CVE-2022-2097
- SUSE Bug 1201099
- SUSE Bug 1201332