SUSE: 2022:0861-1 important: openssl-1_1


   SUSE Security Update: Security update for openssl-1_1 
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:0861-1
Rating:             important
References:         #1182959 #1195149 #1195792 #1195856 #1196877 
                    
Cross-References:   CVE-2022-0778
CVSS scores:
                    CVE-2022-0778 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0778 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Micro 5.2
______________________________________________________________________________

   An update that solves one vulnerability and has four fixes
   is now available.

Description:

   This update for openssl-1_1 fixes the following issues:

   openssl-1_1:

   - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing
     certificates (bsc#1196877).
   - Fix PAC pointer authentication in ARM (bsc#1195856)
   - Pull libopenssl-1_1 when updating openssl-1_1 with the same version
     (bsc#1195792)
   - FIPS: Fix function and reason error codes (bsc#1182959)
   - Enable zlib compression support (bsc#1195149)

   glibc:

   - Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise
     Micro 5.1

   linux-glibc-devel:

   - Resolve installation issue of `linux-kernel-headers` in SUSE Linux
     Enterprise Micro 5.1

   libxcrypt:

   - Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise
     Micro 5.1

   zlib:

   - Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise
     Micro 5.1


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Micro 5.2:

      zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-861=1



Package List:

   - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):

      glibc-2.31-150300.20.7
      glibc-debuginfo-2.31-150300.20.7
      glibc-debugsource-2.31-150300.20.7
      glibc-locale-2.31-150300.20.7
      glibc-locale-base-2.31-150300.20.7
      glibc-locale-base-debuginfo-2.31-150300.20.7
      libcrypt1-4.4.15-150300.4.2.41
      libcrypt1-debuginfo-4.4.15-150300.4.2.41
      libopenssl-1_1-devel-1.1.1d-11.43.1
      libopenssl1_1-1.1.1d-11.43.1
      libopenssl1_1-debuginfo-1.1.1d-11.43.1
      libopenssl1_1-hmac-1.1.1d-11.43.1
      libxcrypt-debugsource-4.4.15-150300.4.2.41
      libz1-1.2.11-3.26.10
      libz1-debuginfo-1.2.11-3.26.10
      openssl-1_1-1.1.1d-11.43.1
      openssl-1_1-debuginfo-1.1.1d-11.43.1
      openssl-1_1-debugsource-1.1.1d-11.43.1
      zlib-debugsource-1.2.11-3.26.10


References:

   https://www.suse.com/security/cve/CVE-2022-0778.html
   https://bugzilla.suse.com/1182959
   https://bugzilla.suse.com/1195149
   https://bugzilla.suse.com/1195792
   https://bugzilla.suse.com/1195856
   https://bugzilla.suse.com/1196877

What Are You Looking For?

SUSE: 2022:0861-1 important: openssl-1_1

Summary

References

Kubernetes Security on AWS: A Practical Guide

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

What Are You Looking For?

SUSE: 2022:0861-1 important: openssl-1_1

Summary

References

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By