
SUSE: 2020:0948-1 Moderate: gmp, gnutls, libnettle DoS Issue

April 8, 2020
SUSE Security Announcement: Fixes implemented for vulnerabilities in gmp, gnutls, and libnettle, accompanied by guidelines for applying updates.
An update that solves one vulnerability and has three fixes is now available.

Summary

This update for gmp, gnutls, libnettle fixes the following issues:

Security issue fixed:

- CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345)

FIPS related bugfixes:

- FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
- FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if input is shorter than block size. (bsc#1166881)
- FIPS: Added Diffie Hellman public key verification test. (bsc#1155327)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server for SAP 15:

References

#1152692 #1155327 #1166881 #1168345

Cross-References: CVE-2020-11501

Affected Products:

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP2

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Development Tools 15-SP2

SUSE Linux Enterprise Module for Development Tools 15-SP1

SUSE Linux Enterprise Module for Basesystem 15-SP2

SUSE Linux Enterprise Module for Basesystem 15-SP1

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

https://www.suse.com/security/cve/CVE-2020-11501.html

https://bugzilla.suse.com/1152692

https://bugzilla.suse.com/1155327

Announcement ID: SUSE-SU-2020:0948-1
Rating: moderate
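
A detection-side check for the CVE-2020-11501 symptom named in the summary (a zero random value in the DTLS client hello), added here as an example and not taken from the SUSE advisory or from GnuTLS: it parses the first record of a captured DTLS datagram and reports whether ClientHello.random is all zeros. The function names and the sample datagram are constructed for illustration; the field offsets follow the DTLS 1.2 record and handshake headers.

```python
"""Flag DTLS ClientHello messages whose 32-byte random is all zeros."""

DTLS_HANDSHAKE = 22   # record content type: handshake
CLIENT_HELLO = 1      # handshake message type
RECORD_HDR = 13       # type(1) version(2) epoch(2) sequence(6) length(2)
HANDSHAKE_HDR = 12    # type(1) length(3) msg_seq(2) frag_offset(3) frag_length(3)


def client_hello_random(datagram: bytes):
    """Return ClientHello.random from the first record, or None if the
    datagram does not start with a plaintext ClientHello fragment that
    contains the whole random field."""
    if len(datagram) < RECORD_HDR + HANDSHAKE_HDR:
        return None
    if datagram[0] != DTLS_HANDSHAKE or datagram[1] != 0xFE:
        return None                       # not a DTLS handshake record
    if datagram[3:5] != b"\x00\x00":
        return None                       # epoch > 0: record is encrypted
    rec_len = int.from_bytes(datagram[11:13], "big")
    rec = datagram[RECORD_HDR:RECORD_HDR + rec_len]
    if len(rec) < rec_len or len(rec) < HANDSHAKE_HDR or rec[0] != CLIENT_HELLO:
        return None                       # truncated record or other message
    frag_off = int.from_bytes(rec[6:9], "big")
    frag_len = int.from_bytes(rec[9:12], "big")
    frag = rec[HANDSHAKE_HDR:HANDSHAKE_HDR + frag_len]
    # Body layout: client_version(2) then random(32).
    if frag_off != 0 or len(frag) < 34:
        return None
    return frag[2:34]


def has_zero_random(datagram: bytes) -> bool:
    rnd = client_hello_random(datagram)
    return rnd is not None and rnd == bytes(32)


def sample_client_hello(rnd: bytes) -> bytes:
    """Constructed test input: minimal DTLS 1.2 ClientHello, no cookie."""
    body = b"\xfe\xfd" + rnd + b"\x00\x00" + b"\x00\x02\xc0\x2b" + b"\x01\x00"
    n = len(body).to_bytes(3, "big")
    msg = bytes([CLIENT_HELLO]) + n + b"\x00\x00" + b"\x00\x00\x00" + n + body
    return (bytes([DTLS_HANDSHAKE]) + b"\xfe\xfd" + b"\x00\x00" + bytes(6)
            + len(msg).to_bytes(2, "big") + msg)


if __name__ == "__main__":
    print(has_zero_random(sample_client_hello(bytes(32))))
    print(has_zero_random(sample_client_hello(bytes(range(1, 33)))))
```

Feed it the UDP payload of each client-to-server datagram from a capture; a `True` result on the first flight of a handshake points at a client that still needs this update.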
