SUSE-SU-2020:0099-1 -- SLES openssl-1_1, libopenssl1_1ID: oval:org.secpod.oval:def:89000572 | Date: (C)2021-02-23 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key . - CVE-2019-1551: Fixed integer overflow in RSAZ modular exponentiation on x86_64 . - CVE-2019-1549: Fixed fork problem with random generator . - CVE-2019-1547: Fixed EC_GROUP_set_generator side channel attack avoidance . Bug fixes: - Ship the openssl 1.1.1 binary as openssl-1_1, and make it installable in parallel with the system openssl . - Update to 1.1.1d .
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |
SUSE Linux Enterprise Desktop 12 SP4 |
Product: |
openssl-1_1 |
libopenssl1_1 |