SUSE-SU-2023:1912-1

Опубликовано: 19 апр. 2023

Источник: suse-cvrf

Описание

Security update for compat-openssl098

This update for compat-openssl098 fixes the following issues:

CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-Azure-SAP-On-Demand

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-EC2-SAP-BYOS

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-EC2-SAP-On-Demand

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-GCE-SAP-BYOS

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-GCE-SAP-On-Demand

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

libopenssl0_9_8-0.9.8j-106.48.1

SUSE Linux Enterprise Module for Legacy 12

libopenssl0_9_8-0.9.8j-106.48.1

libopenssl0_9_8-32bit-0.9.8j-106.48.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

libopenssl0_9_8-0.9.8j-106.48.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libopenssl0_9_8-0.9.8j-106.48.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231912-1/
Link for SUSE-SU-2023:1912-1
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014497.html
E-Mail link for SUSE-SU-2023:1912-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1209878
SUSE Bug 1209878
https://www.suse.com/security/cve/CVE-2023-0465/
SUSE CVE CVE-2023-0465 page

Описание

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

Затронутые продукты

Image SLES12-SP5-Azure-SAP-BYOS:libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-Azure-SAP-On-Demand:libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-EC2-SAP-BYOS:libopenssl0_9_8-0.9.8j-106.48.1

Image SLES12-SP5-EC2-SAP-On-Demand:libopenssl0_9_8-0.9.8j-106.48.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-0465.html
CVE-2023-0465
https://bugzilla.suse.com/1209878
SUSE Bug 1209878
https://bugzilla.suse.com/1212331
SUSE Bug 1212331
https://bugzilla.suse.com/1215014
SUSE Bug 1215014

SUSE-SU-2023:1912-1

Описание

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Module for Legacy 12

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

Ссылки

Уязвимость: CVE-2023-0465

Описание

Затронутые продукты

Ссылки