Описание
Security update for libgcrypt
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Список пакетов
Container suse/manager/4.3/proxy-httpd:latest
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
Container suse/manager/4.3/proxy-salt-broker:latest
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
Container suse/manager/4.3/proxy-ssh:latest
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
Container suse/sle-micro-rancher/5.3:latest
libgcrypt20-1.9.4-150400.6.11.1
Container suse/sle-micro-rancher/5.4:latest
libgcrypt20-1.9.4-150400.6.11.1
Container suse/sle-micro/5.3/toolbox:latest
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
Container suse/sle-micro/5.4/toolbox:latest
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
Image SLES15-SP4-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-HPC-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Hardened-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Hardened-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Hardened-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Hardened-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-3-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-Micro-5-4-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-Hardened-BYOS
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
libgcrypt20-1.9.4-150400.6.11.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
libgcrypt20-1.9.4-150400.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
SUSE Linux Enterprise Server 15 SP4-LTSS
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
SUSE Manager Proxy 4.3
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
SUSE Manager Server 4.3
libgcrypt-devel-1.9.4-150400.6.11.1
libgcrypt20-1.9.4-150400.6.11.1
libgcrypt20-32bit-1.9.4-150400.6.11.1
libgcrypt20-hmac-1.9.4-150400.6.11.1
libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1
Ссылки
- Link for SUSE-SU-2025:02464-2
- E-Mail link for SUSE-SU-2025:02464-2
- SUSE Security Ratings
- SUSE Bug 1221107
- SUSE CVE CVE-2024-2236 page
Описание
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Затронутые продукты
Container suse/manager/4.3/proxy-httpd:latest:libgcrypt20-1.9.4-150400.6.11.1
Container suse/manager/4.3/proxy-httpd:latest:libgcrypt20-hmac-1.9.4-150400.6.11.1
Container suse/manager/4.3/proxy-salt-broker:latest:libgcrypt20-1.9.4-150400.6.11.1
Container suse/manager/4.3/proxy-salt-broker:latest:libgcrypt20-hmac-1.9.4-150400.6.11.1
Ссылки
- CVE-2024-2236
- SUSE Bug 1221107