Security update for compat-openssl098 (moderate)

2018-12-13T03:13:21
ID OPENSUSE-SU-2018:4104-1
Type suse
Reporter Suse
Modified 2018-12-13T03:13:21

Description

This update for compat-openssl098 fixes the following issues:

Security issues fixed:

  • CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
  • CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
  • CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
  • Fixed the "One and Done" side-channel attack on RSA (bsc#1104789).

This update was imported from the SUSE:SLE-12:Update update project.