openssl security update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...

OPENSUSE-SU-2019:2269-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition fix...

OPENSUSE-SU-2019:2268-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition fix...

SUSE-SU-2019:2558-1 Security update for compat-openssl098

This update for compat-openssl098 fixes the following issues: OpenSSL Security Advisory 10 September 2019 - CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance bsc1150003. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

SUSE-SU-2019:2504-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition fix...

OPENSUSE-SU-2019:2189-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 This update was...

SUSE-SU-2019:2413-1 Security update for openssl

This update for openssl fixes the following issues: OpenSSL Security Advisory 10 September 2019 - CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance bsc1150003. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

SUSE-SU-2019:2410-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

SUSE-SU-2019:14174-1 Security update for openssl

This update for openssl fixes the following issues: OpenSSL Security Advisory 10 September 2019 - CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance bsc1150003. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

SUSE-SU-2019:14171-1 Security update for openssl1

This update for openssl1 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

SUSE-SU-2019:14092-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2019-1559: Fix 0-byte record padding oracle via SSLshutdown bsc1127080 - Reject invalid EC point coordinates bsc1131291 - Mitigate the 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' attac...

DSA-4475-1 openssl - security update

Bulletin has no description...

SUSE-SU-2019:1553-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2018-0732: Reject excessively large primes in DH key generation bsc1097158 - CVE-2018-0734: Timing vulnerability in DSA signature generation bsc1113652 - CVE-2018-0737: Cache timing vulnerability in RSA Key Generation bsc1089039 -...

The vulnerability of the PA-RISC CRYPTO_memcmp function in the OpenSSL library, which allows attackers to create fake messages

The vulnerability of the PA-RISC CRYPTOmemcmp function in the OpenSSL library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to create fake messages that will be treated as authentic...

SUSE-SU-2018:3864-2 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses bsc1113534. - CVE-2018-0737: Corrected the current erro...

OPENSUSE-SU-2019:1147-1 Security update for openssl-1_1

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: - Fixed a segfault in...

OPENSUSE-SU-2019:1105-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

SUSE-SU-2019:0803-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2019:0787-1)

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues : Security issue fixed : CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Note that Tenable Network Security has extract...

SUSE-SU-2019:0787-1 Security update for openssl-1_1

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189...