Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.9548
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.9548
<patchinfo incident="9548"> <issue tracker="bnc" id="1100078">curl on SLES12 shows some SSL errors we did not see on SLES11</issue> <issue tracker="bnc" id="1113534">VUL-0: CVE-2018-5407: Hyperthread port content side channel aka "PortSmash"</issue> <issue tracker="bnc" id="1113742">VUL-1: openssl: missing timing side channel patch for DSA signature generation</issue> <issue tracker="bnc" id="1113652">VUL-1: CVE-2018-0734: openssl,openssl1,openssl-1_1,openssl-1_0_0,compat-openssl098: Timing vulnerability in DSA signature generation</issue> <issue tracker="bnc" id="1112209">openssl-1_1 - hangs generating DSA key</issue> <issue tracker="cve" id="2018-0734"/> <issue tracker="cve" id="2018-5407"/> <category>security</category> <rating>moderate</rating> <packager>vitezslav_cizek</packager> <description>This update for openssl-1_0_0 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). - CVE-2018-5407: Added elliptic curve scalar multiplication timing attack defenses that fixes "PortSmash" (bsc#1113534). Non-security issues fixed: - Added missing timing side channel patch for DSA signature generation (bsc#1113742). - Set TLS version to 0 in msg_callback for record messages to avoid confusing applications (bsc#1100078). - Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209) </description> <summary>Security update for openssl-1_0_0</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor