SUSE-SU-2025:02773-1

Опубликовано: 13 авг. 2025

Источник: suse-cvrf

Описание

Security update for libgcrypt

This update for libgcrypt fixes the following issues:

CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).

Список пакетов

Container suse/sle-micro/5.5/toolbox:latest

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

Container suse/sle-micro/5.5:latest

libgcrypt20-1.9.4-150500.12.3.3

Container suse/sle-micro/base-5.5:latest

libgcrypt20-1.9.4-150500.12.3.3

Container suse/sle-micro/kvm-5.5:latest

libgcrypt20-1.9.4-150500.12.3.3

Container suse/sle-micro/rt-5.5:latest

libgcrypt20-1.9.4-150500.12.3.3

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

libgcrypt-cavs-1.9.4-150500.12.3.3

libgcrypt-devel-1.9.4-150500.12.3.3

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-32bit-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

libgcrypt-cavs-1.9.4-150500.12.3.3

libgcrypt-devel-1.9.4-150500.12.3.3

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-32bit-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3

SUSE Linux Enterprise Micro 5.5

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

SUSE Linux Enterprise Server 15 SP5-LTSS

libgcrypt-cavs-1.9.4-150500.12.3.3

libgcrypt-devel-1.9.4-150500.12.3.3

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-32bit-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3

SUSE Linux Enterprise Server for SAP Applications 15 SP5

libgcrypt-devel-1.9.4-150500.12.3.3

libgcrypt20-1.9.4-150500.12.3.3

libgcrypt20-32bit-1.9.4-150500.12.3.3

libgcrypt20-hmac-1.9.4-150500.12.3.3

libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502773-1/
Link for SUSE-SU-2025:02773-1
https://lists.suse.com/pipermail/sle-updates/2025-August/041193.html
E-Mail link for SUSE-SU-2025:02773-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1221107
SUSE Bug 1221107
https://www.suse.com/security/cve/CVE-2024-2236/
SUSE CVE CVE-2024-2236 page

Описание

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Затронутые продукты

Container suse/sle-micro/5.5/toolbox:latest:libgcrypt20-1.9.4-150500.12.3.3

Container suse/sle-micro/5.5/toolbox:latest:libgcrypt20-hmac-1.9.4-150500.12.3.3

Container suse/sle-micro/5.5:latest:libgcrypt20-1.9.4-150500.12.3.3

Container suse/sle-micro/base-5.5:latest:libgcrypt20-1.9.4-150500.12.3.3

Ссылки

https://www.suse.com/security/cve/CVE-2024-2236.html
CVE-2024-2236
https://bugzilla.suse.com/1221107
SUSE Bug 1221107

SUSE-SU-2025:02773-1

Описание

Список пакетов

Container suse/sle-micro/5.5/toolbox:latest

Container suse/sle-micro/5.5:latest

Container suse/sle-micro/base-5.5:latest

Container suse/sle-micro/kvm-5.5:latest

Container suse/sle-micro/rt-5.5:latest

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP5

Ссылки

Уязвимость: CVE-2024-2236

Описание

Затронутые продукты

Ссылки