SUSE-SU-2018:3989-1 -- SLES openssl-1_0_0, libopensslID: oval:org.secpod.oval:def:89002091 | Date: (C)2021-02-26 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for openssl-1_0_0 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation . - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses . - Add missing timing side channel patch for DSA signature generation . Non-security issues fixed: - Fixed infinite loop in DSA generation with incorrect parameters . - Set TLS version to 0 in msg_callback for record messages to avoid confusing applications .
Platform: |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
openssl-1_0_0 |
libopenssl |