SUSE: 2020:3762-1 Important: OpenSSL Null Pointer Deference Issue

suse

December 11, 2020

An update that solves one vulnerability, contains one feature and has 6 fixes is now available

Summary

This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491). - Initialized dh->nid to NID_undef in DH_new_method() (bsc#1177673). - Fixed a test failure in apache_ssl in fips mode (bsc#1177793). - Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_prime_* (bsc#1177575). - Restored private key check in EC_KEY_check_key (bsc#1177479). - Added shared secret KAT to FIPS DH selftest (bsc#1176029). - Included ECDH/DH Requirements from SP800-56Arev3 (bsc#1176029). - Used SHA-2 in the RSA pairwise consistency check (bsc#1155346) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics Covered

security advisory software patch important null pointer threat mitigation SUSE openssl important update openssl fix null pointer issue deference

References

#1155346 #1176029 #1177479 #1177575 #1177673

#1177793 #1179491 SLE-10541

Cross- CVE-2020-1971

Affected Products:

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Module for Legacy Software 15-SP3

SUSE Linux Enterprise Module for Legacy Software 15-SP2

SUSE Linux Enterprise Module for Legacy Software 15-SP1

SUSE Enterprise Storage 6

https://www.suse.com/security/cve/CVE-2020-1971.html

https://bugzilla.suse.com/1155346

https://bugzilla.suse.com/1176029

https://bugzilla.suse.com/1177479

https://bugzilla.suse.com/1177575

https://bugzilla.suse.com/1177673

https://bugzilla.suse.com/1177793

https://bugzilla.suse.com/1179491

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2020:3762-1

Rating: important

Topics Covered

security advisory software patch important null pointer threat mitigation SUSE openssl important update openssl fix null pointer issue deference

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:3762-1 Important: OpenSSL Null Pointer Deference Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:3762-1 Important: OpenSSL Null Pointer Deference Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!