Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

SUSE Container 5.4 Toolbox Security Advisory 2023:2191-1 Moderate

suse
Calendar Grey June 29, 2023
Dist Suse Esm H88
A security update for SUSE Container has been released to address vulnerabilities, enhancing system integrity and protecting against high-severity risks
The container suse/sle-micro/5.4/toolbox was updated

Summary

Advisory ID: SUSE-SU-2023:2648-1 Released: Tue Jun 27 09:52:35 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate

Topics%20covered

Topics Covered

security advisory moderate severity timing attack suse openssl toolbox container update

References

References : 1201627 1207534 CVE-2022-4304

1201627,1207534,CVE-2022-4304

This update for openssl-1_1 fixes the following issues:

- CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption.

The previous fix for this timing side channel turned out to cause a

severe 2-3x performance regression in the typical use case (bsc#1207534).

- Update further expiring certificates that affect the testsuite (bsc#1201627).

The following package changes have been done:

- libopenssl1_1-hmac-1.1.1l-150400.7.42.1 updated

- libopenssl1_1-1.1.1l-150400.7.42.1 updated

- openssl-1_1-1.1.1l-150400.7.42.1 updated

- container:sles15-image-15.0.0-27.14.72 updated

Container Advisory ID : SUSE-CU-2023:2191-1
Container Tags : suse/sle-micro/5.4/toolbox:12.1 , suse/sle-micro/5.4/toolbox:12.1-4.2.56 , suse/sle-micro/5.4/toolbox:latest
Container Release : 4.2.56
Severity : moderate
Type : security

Topics%20covered

Topics Covered

security advisory moderate severity timing attack suse openssl toolbox container update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here