Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

SUSE: 2023:3791-1 Important: OpenSSL Denial of Service Fix

suse
Calendar Grey November 22, 2023
Scroller Suse
Critical enhancement for suse/sle15 rectifying recent vulnerabilities with essential patches for openssl and container functionalities.
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-SU-2023:4511-1 Released: Tue Nov 21 16:43:08 2023 Summary: Security update for container-suseconnect Type: security Severity: important Advisory ID: SUSE-SU-2023:4524-1 Released: Tue Nov 21 17:51:28 2023 Summary: Security update for openssl-1_1 Type: security Severity: important

References

References : 1212475 1216922 CVE-2023-5678

1212475

This update of container-suseconnect fixes the following issues:

- rebuild the package with the go 1.21 security release (bsc#1212475).

1216922,CVE-2023-5678

This update for openssl-1_1 fixes the following issues:

- CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922).

The following package changes have been done:

- container-suseconnect-2.4.0-150000.4.44.1 updated

- libopenssl1_1-hmac-1.1.1l-150400.7.60.2 updated

- libopenssl1_1-1.1.1l-150400.7.60.2 updated

- openssl-1_1-1.1.1l-150400.7.60.2 updated

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2023:3791-1
Container Tags : bci/bci-base:15.4 , bci/bci-base:15.4.27.14.120 , suse/sle15:15.4 , suse/sle15:15.4.27.14.120
Container Release : 27.14.120
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.