SUSE: 2020:0099-1 Moderate: OpenSSL-1_1 Security Update

suse

January 14, 2020

An update that solves four vulnerabilities and has two fixes is now available

Summary

This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key (bsc#1150250). - CVE-2019-1551: Fixed integer overflow in RSAZ modular exponentiation on x86_64 (bsc#1158809). - CVE-2019-1549: Fixed fork problem with random generator (bsc#1150247). - CVE-2019-1547: Fixed EC_GROUP_set_generator side channel attack avoidance (bsc#1150003). Bug fixes: - Ship the openssl 1.1.1 binary as openssl-1_1, and make it installable in parallel with the system openssl (bsc#1140277). - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430). Patch Instructions:

Topics Covered

security advisory moderate security issue software update SUSE openssl

References

#1133925 #1140277 #1150003 #1150247 #1150250

#1158809

Cross- CVE-2019-1547 CVE-2019-1549 CVE-2019-1551

CVE-2019-1563

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2019-1547.html

https://www.suse.com/security/cve/CVE-2019-1549.html

https://www.suse.com/security/cve/CVE-2019-1551.html

https://www.suse.com/security/cve/CVE-2019-1563.html

https://bugzilla.suse.com/1133925

https://bugzilla.suse.com/1140277

https://bugzilla.suse.com/1150003

https://bugzilla.suse.com/1150247

https://bugzilla.suse.com/1150250

Announcement ID: SUSE-SU-2020:0099-1

Rating: moderate

Topics Covered

security advisory moderate security issue software update SUSE openssl

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:0099-1 Moderate: OpenSSL-1_1 Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:0099-1 Moderate: OpenSSL-1_1 Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!