Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

openSUSE 15.6: 2024:3905-1 moderate: openssl-1_1 security fix

opensuse
Calendar Grey November 4, 2024
Dist Opensuse Esm H88
The latest release of openssl-1_1 contains crucial updates addressing various security flaws and vulnerabilities, essential for users operating on SUSE.
This update for openssl-1_1 fixes the following issues: Security fixes:

Description

This update for openssl-1_1 fixes the following issues:

Security fixes:

* CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)

Other fixes:

* FIPS: AES GCM external IV implementation (bsc#1228618)

* FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved

in the SLI. (bsc#1228623)

* FIPS: Enforce KDF in FIPS style (bsc#1224270)

* FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619)

* FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS

186-5. (bsc#1224269)

* FIPS: Differentiate the PSS length requirements (bsc#1224275)

* FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272)

* FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271)

* FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266)

* FIPS: DH FIPS selftest and safe prime group (bsc#1224264)

* FIPS: Remove not needed FIPS DRBG files (bsc#1224268)

* FIPS: Add Pair-wise Consistency Test when generating...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security fix SUSE openssl-1_1

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* Legacy Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3905=1

* openSUSE Leap 15.6

zypper in -t patch SUSE-2024-3905=1 openSUSE-SLE-15.6-2024-3905=1

* Basesystem Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3905=1

* Development Tools Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3905=1

Package List

* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)

* openssl-1_1-debugsource-1.1.1w-150600.5.9.1

* openssl-1_1-debuginfo-1.1.1w-150600.5.9.1

* openssl-1_1-1.1.1w-150600.5.9.1

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)

* libopenssl-1_1-devel-1.1.1w-150600.5.9.1

* openssl-1_1-1.1.1w-150600.5.9.1

* openssl-1_1-debuginfo-1.1.1w-150600.5.9.1

* libopenssl1_1-debuginfo-1.1.1w-150600.5.9.1

* openssl-1_1-debugsource-1.1.1w-150600.5.9.1

* libopenssl1_1-1.1.1w-150600.5.9.1

* openSUSE Leap 15.6 (x86_64)

* libopenssl1_1-32bit-1.1.1w-150600.5.9.1

* libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1

* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.9.1

* openSUSE Leap 15.6 (noarch)

* openssl-1_1-doc-1.1.1w-150600.5.9.1

* openSUSE Leap 15.6 (aarch64_ilp32)

* libopenssl1_1-64bit-1.1.1w-150600.5.9.1

* libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1

* libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.9.1

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)

* openssl-1_1-debugsource-1.1.1w-150600.5.9.1

*...

Read the Full Advisory

References

* bsc#1220262

* bsc#1224258

* bsc#1224260

* bsc#1224264

* bsc#1224265

* bsc#1224266

* bsc#1224267

* bsc#1224268

* bsc#1224269

* bsc#1224270

* bsc#1224271

* bsc#1224272

* bsc#1224273

* bsc#1224275

* bsc#1228618

* bsc#1228619

* bsc#1228623

## References:

* https://www.suse.com/security/cve/CVE-2023-50782.html

* https://bugzilla.suse.com/show_bug.cgi?id=1220262

* https://bugzilla.suse.com/show_bug.cgi?id=1224258

* https://bugzilla.suse.com/show_bug.cgi?id=1224260

* https://bugzilla.suse.com/show_bug.cgi?id=1224264

* https://bugzilla.suse.com/show_bug.cgi?id=1224265

* https://bugzilla.suse.com/show_bug.cgi?id=1224266

* https://bugzilla.suse.com/show_bug.cgi?id=1224267

* https://bugzilla.suse.com/show_bug.cgi?id=1224268

* https://bugzilla.suse.com/show_bug.cgi?id=1224269

* https://bugzilla.suse.com/show_bug.cgi?id=1224270

* https://bugzilla.suse.com/show_bug.cgi?id=1224271

* https://bugzilla.suse.com/show_bug.cgi?id=1224272

* https://bugzilla.suse.com/show_bug.cgi?id=1224273

*...

Read the Full Advisory

Announcement ID: SUSE-SU-2024:3905-1
Release Date: 2024-11-04T12:39:19Z

Topics%20covered

Topics Covered

security advisory moderate security fix SUSE openssl-1_1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here