File _patchinfo of Package patchinfo.8421
<patchinfo incident="8421"> <issue id="1106197" tracker="bnc">[FIPS][Build 0365] openQA test fails in openssl_pubkey_rsa and generating RSA private key fail</issue> <issue tracker="bnc" id="997043">SLES 12 SP2 RC2 - Relocate /usr/lib64/engines/libibmpkcs11 files to /lib64/engines/ in openssl-ibmpkcs11-1.0.0-9.2.s390x package</issue> <issue tracker="bnc" id="1104789">VUL-1: openssl,openssl1,openssl-1_1,openssl-1_0_2: side channel attack in exponentation "'One and Done" attack</issue> <issue tracker="bnc" id="1089039">VUL-1: CVE-2018-0737: openssl side channel attacks against RSA keygeneration</issue> <issue tracker="bnc" id="1101246">openssl: pkg-config enginesdir returns wrong directory, breaks openssl_tpm_engine</issue> <issue tracker="bnc" id="1101470">OpenSSL 1.0 command line interface cannot be installed without removing essential packages</issue> <issue tracker="cve" id="2018-0737"/> <category>security</category> <rating>moderate</rating> <packager>vitezslav_cizek</packager> <description>This update for openssl fixes the following issues: These security issues were fixed: - Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) These non-security issues were fixed: - Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470) - Fixed path to the engines which are under /lib64 on SLE-12 (bsc#1101246, bsc#997043) </description> <summary>Security update for openssl</summary> </patchinfo>
