Security update for openssl (moderate)

ID OPENSUSE-SU-2019:1175-1
Type suse
Reporter Suse
Modified 2019-04-08T15:36:26


This update for openssl fixes the following issues:

Security issues fixed:

  • The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations (bsc#1117951)
  • CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a client and lead to the decryption of the data (bsc#1127080).

Other issues addressed:

  • Fixed IV handling in SHAEXT paths: aes/asm/aesni-sha* (bsc#1113975).
  • Set TLS version to 0 in msg_callback for record messages to avoid confusing applications (bsc#1100078).

This update was imported from the SUSE:SLE-12-SP2:Update update project.