SUSE-SU-2024:1402-1

Опубликовано: 23 апр. 2024

Источник: suse-cvrf

Описание

Security update for opensc

This update for opensc fixes the following issues:

CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386)

Список пакетов

Image SLES15-SP4-Hardened-BYOS

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS-EC2

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS-GCE

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-BYOS

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-SAP-Hardened-GCE

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-Hardened-BYOS-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-Hardened-BYOS-EC2

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-Hardened-BYOS-GCE

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-SAP-Hardened-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

opensc-0.22.0-150400.3.9.1

Image SLES15-SP5-SAP-Hardened-GCE

opensc-0.22.0-150400.3.9.1

SUSE Linux Enterprise Micro 5.3

opensc-0.22.0-150400.3.9.1

SUSE Linux Enterprise Micro 5.4

opensc-0.22.0-150400.3.9.1

SUSE Linux Enterprise Micro 5.5

opensc-0.22.0-150400.3.9.1

SUSE Linux Enterprise Module for Basesystem 15 SP5

opensc-0.22.0-150400.3.9.1

openSUSE Leap 15.5

opensc-0.22.0-150400.3.9.1

opensc-32bit-0.22.0-150400.3.9.1

openSUSE Leap Micro 5.3

opensc-0.22.0-150400.3.9.1

openSUSE Leap Micro 5.4

opensc-0.22.0-150400.3.9.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241402-1/
Link for SUSE-SU-2024:1402-1
https://lists.suse.com/pipermail/sle-updates/2024-April/035071.html
E-Mail link for SUSE-SU-2024:1402-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1219386
SUSE Bug 1219386
https://www.suse.com/security/cve/CVE-2023-5992/
SUSE CVE CVE-2023-5992 page

Описание

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

Затронутые продукты

Image SLES15-SP4-Hardened-BYOS-Azure:opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS-EC2:opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS-GCE:opensc-0.22.0-150400.3.9.1

Image SLES15-SP4-Hardened-BYOS:opensc-0.22.0-150400.3.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-5992.html
CVE-2023-5992
https://bugzilla.suse.com/1219386
SUSE Bug 1219386

SUSE-SU-2024:1402-1

Описание

Список пакетов

Image SLES15-SP4-Hardened-BYOS

Image SLES15-SP4-Hardened-BYOS-Azure

Image SLES15-SP4-Hardened-BYOS-EC2

Image SLES15-SP4-Hardened-BYOS-GCE

Image SLES15-SP4-SAP-Hardened

Image SLES15-SP4-SAP-Hardened-Azure

Image SLES15-SP4-SAP-Hardened-BYOS

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

Image SLES15-SP4-SAP-Hardened-GCE

Image SLES15-SP5-Hardened-BYOS-Azure

Image SLES15-SP5-Hardened-BYOS-EC2

Image SLES15-SP5-Hardened-BYOS-GCE

Image SLES15-SP5-SAP-Hardened-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

Image SLES15-SP5-SAP-Hardened-GCE

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Module for Basesystem 15 SP5

openSUSE Leap 15.5

openSUSE Leap Micro 5.3

openSUSE Leap Micro 5.4

Ссылки

Уязвимость: CVE-2023-5992

Описание

Затронутые продукты

Ссылки