SUSE-SU-2015:1143-1
Vulnerability Summary
Description
Security update for openssl

This update of openssl fixes the following security issues:

- CVE-2015-4000 (bsc#931698)
  * The Logjam Attack / weakdh.org
  * reject connections with DH parameters shorter than 1024 bits
  * generates 2048-bit DH parameters by default
- CVE-2015-1788 (bsc#934487)
  * Malformed ECParameters causes infinite loop
- CVE-2015-1789 (bsc#934489)
  * Exploitable out-of-bounds read in X509_cmp_time
- CVE-2015-1790 (bsc#934491)
  * PKCS7 crash with missing EnvelopedContent
- CVE-2015-1792 (bsc#934493)
  * CMS verify infinite loop with unknown hash function
- CVE-2015-1791 (bsc#933911)
  * race condition in NewSessionTicket
- CVE-2015-3216 (bsc#933898)
  * Crash in ssleay_rand_bytes due to locking regression
- fix a timing side channel in RSA decryption (bnc#929678)
Affected Systems
- suse openssl on SUSE Linux Enterprise Desktop 12: < 1.0.1i-25.1
- suse openssl on SUSE Linux Enterprise Server 12: < 1.0.1i-25.1
- suse openssl on SUSE Linux Enterprise Server for SAP Applications 12: < 1.0.1i-25.1
- suse openssl on SUSE Linux Enterprise Software Development Kit 12: < 1.0.1i-25.1
References (17)
- https://www.suse.com/support/update/announcement/2015/suse-su-20151143-1/
- https://bugzilla.suse.com/926597
- https://bugzilla.suse.com/929678
- https://bugzilla.suse.com/931698
- https://bugzilla.suse.com/933898
- https://bugzilla.suse.com/933911
- https://bugzilla.suse.com/934487
- https://bugzilla.suse.com/934489
- https://bugzilla.suse.com/934491
- https://bugzilla.suse.com/934493
- https://www.suse.com/security/cve/CVE-2015-1788
- https://www.suse.com/security/cve/CVE-2015-1789
- https://www.suse.com/security/cve/CVE-2015-1790
- https://www.suse.com/security/cve/CVE-2015-1791
- https://www.suse.com/security/cve/CVE-2015-1792
- https://www.suse.com/security/cve/CVE-2015-3216
- https://www.suse.com/security/cve/CVE-2015-4000