Описание
Security update for libgcrypt
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Список пакетов
Container suse/sle-micro-rancher/5.2:latest
libgcrypt20-1.8.2-150100.8.45.1
Container suse/sle-micro/5.1/toolbox:latest
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
Container suse/sle-micro/5.2/toolbox:latest
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
SUSE Enterprise Storage 7.1
libgcrypt-devel-1.8.2-150100.8.45.1
libgcrypt-devel-32bit-1.8.2-150100.8.45.1
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-32bit-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libgcrypt-devel-1.8.2-150100.8.45.1
libgcrypt-devel-32bit-1.8.2-150100.8.45.1
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-32bit-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1
SUSE Linux Enterprise Micro 5.1
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
SUSE Linux Enterprise Micro 5.2
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libgcrypt-devel-1.8.2-150100.8.45.1
libgcrypt-devel-32bit-1.8.2-150100.8.45.1
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-32bit-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libgcrypt-devel-1.8.2-150100.8.45.1
libgcrypt-devel-32bit-1.8.2-150100.8.45.1
libgcrypt20-1.8.2-150100.8.45.1
libgcrypt20-32bit-1.8.2-150100.8.45.1
libgcrypt20-hmac-1.8.2-150100.8.45.1
libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1
Ссылки
- Link for SUSE-SU-2025:02752-1
- E-Mail link for SUSE-SU-2025:02752-1
- SUSE Security Ratings
- SUSE Bug 1221107
- SUSE CVE CVE-2024-2236 page
Описание
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:libgcrypt20-1.8.2-150100.8.45.1
Container suse/sle-micro/5.1/toolbox:latest:libgcrypt20-1.8.2-150100.8.45.1
Container suse/sle-micro/5.1/toolbox:latest:libgcrypt20-hmac-1.8.2-150100.8.45.1
Container suse/sle-micro/5.2/toolbox:latest:libgcrypt20-1.8.2-150100.8.45.1
Ссылки
- CVE-2024-2236
- SUSE Bug 1221107