File _patchinfo of Package patchinfo.12282

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.12282

<patchinfo incident="12282">
  <issue tracker="bnc" id="1152692">Make GnuTLS ready for FIPS certification</issue>
  <issue tracker="bnc" id="1166881">FIPS: gnutls: cfb8 decryption issue</issue>
  <issue tracker="bnc" id="1155327">FIPS: add DH key test</issue>
  <issue tracker="bnc" id="1168345">VUL-0: gnutls: DTLS client hello contains a random value of all zeroes</issue>

<issue tracker="cve" id="2020-11501"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>vitezslav_cizek</packager>
  <description>This update for gmp, gnutls, libnettle fixes the following issues:

Security issue fixed:

- CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345)

FIPS related bugfixes:

- FIPS: Install checksums for binary integrity verification which are
  required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
- FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if
  input is shorter than block size. (bsc#1166881)
- FIPS: Added Diffie Hellman public key verification test. (bsc#1155327)

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <summary>Security update for gmp, gnutls, libnettle</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.12282

Places