[SUSE-SU-2015:0547-1] Security update for compat-openssl097g
Severity
Moderate
Affected Packages
3
CVEs
14
Security update for compat-openssl097g
OpenSSL was updated to fix several security issues:
* CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by
rejecting connections with DH parameters shorter than 1024 bits.
2048-bit DH parameters are now generated by default.
* CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.
* CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent
was fixed.
* Fixed a timing side channel in RSA decryption. (bsc#929678)
Additional changes:
* In the default SSL cipher string EXPORT ciphers are now disabled.
This will only get active if applications get rebuilt and actually
use this string. (bsc#931698)
Security Issues:
* CVE-2015-1789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789>
* CVE-2015-1790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790>
* CVE-2015-4000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000>
Package | Affected Version |
---|---|
pkg:rpm/suse/compat-openssl097g?arch=x86_64&distro=sled-11&sp=3 | < 0.9.7g-146.22.31.1 |
pkg:rpm/suse/compat-openssl097g?arch=i586&distro=sled-11&sp=3 | < 0.9.7g-146.22.31.1 |
pkg:rpm/suse/compat-openssl097g-32bit?arch=x86_64&distro=sled-11&sp=3 | < 0.9.7g-146.22.31.1 |
- ID
- SUSE-SU-2015:0547-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2015/suse-su-20150547-1/
- Published
-
2015-06-19T09:33:13
(9 years ago) - Modified
-
2015-06-19T09:33:13
(9 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2014-349
- ALAS-2015-469
- ALAS-2015-498
- ALAS-2015-550
- ALAS-2015-569
- ALAS-2015-570
- ALAS-2015-571
- ALAS-2015-586
- ALAS-2016-682
- CISCO-SA-20150113-CVE-2015-0204
- CISCO-SA-20150310-SSL
- CISCO-SA-20150320-OPENSSL
- CISCO-SA-20150612-OPENSSL
- DSA-3125-1
- DSA-3197-1
- DSA-3287-1
- DSA-3300-1
- DSA-3316-1
- DSA-3324-1
- DSA-3339-1
- DSA-3688-1
- ELSA-2015-0066
- ELSA-2015-0715
- ELSA-2015-0716
- ELSA-2015-0800
- ELSA-2015-1072
- ELSA-2015-1115
- ELSA-2015-1185
- ELSA-2015-1197
- ELSA-2015-1228
- ELSA-2015-1229
- ELSA-2015-1230
- ELSA-2015-1526
- ELSA-2015-3010
- ELSA-2015-3022
- ELSA-2016-0372
- FEDORA-2015-0512
- FEDORA-2015-0601
- FEDORA-2015-10047
- FEDORA-2015-10108
- FEDORA-2015-11414
- FEDORA-2015-11475
- FEDORA-2015-4300
- FEDORA-2015-4303
- FEDORA-2015-4320
- FEDORA-2015-6855
- FEDORA-2015-6951
- FEDORA-2015-9048
- FEDORA-2015-9130
- FEDORA-2015-9161
- FREEBSD:44D9DAEE-940C-4179-86BB-6E3FFD617869
- FREEBSD:4E536C14-9791-11E4-977D-D050992ECDE8
- FREEBSD:8305E215-1080-11E5-8BA2-000C2980A9F3
- FREEBSD:9D15355B-CE7C-11E4-9DB0-D050992ECDE8
- GLSA-201503-11
- GLSA-201506-02
- GLSA-201512-10
- GLSA-201603-11
- GLSA-201605-06
- GLSA-201701-46
- RHSA-2015:0066
- RHSA-2015:0715
- RHSA-2015:0716
- RHSA-2015:1072
- RHSA-2015:1115
- RHSA-2015:1185
- RHSA-2015:1228
- RHSA-2015:1229
- RHSA-2015:1485
- RHSA-2015:1486
- RHSA-2015:1526
- RHSA-2015:1544
- RHSA-2016:0372
- SECADV-20150105-1
- SECADV-20150105-3
- SECADV-20150106-1
- SECADV-20150108-2
- SECADV-20150108-3
- SECADV-20150302-1
- SECADV-20150319-4
- SECADV-20150319-6
- SECADV-20150319-7
- SECADV-20150319-8
- SECADV-20150319-9
- SECADV-20150611-2
- SECADV-20150611-3
- SSA:2015-009-01
- SSA:2015-111-09
- SSA:2015-162-01
- SUSE-SU-2015:0182-2
- SUSE-SU-2015:0305-1
- SUSE-SU-2015:0343-1
- SUSE-SU-2015:0343-2
- SUSE-SU-2015:0344-1
- SUSE-SU-2015:0392-1
- SUSE-SU-2015:0541-1
- SUSE-SU-2015:0543-1
- SUSE-SU-2015:0545-1
- SUSE-SU-2015:0545-2
- SUSE-SU-2015:0546-1
- SUSE-SU-2015:0553-1
- SUSE-SU-2015:0553-2
- SUSE-SU-2015:0578-1
- SUSE-SU-2015:0620-1
- SUSE-SU-2015:0946-1
- SUSE-SU-2015:1086-1
- SUSE-SU-2015:1086-2
- SUSE-SU-2015:1086-3
- SUSE-SU-2015:1086-4
- SUSE-SU-2015:1143-1
- SUSE-SU-2015:1150-1
- SUSE-SU-2015:1161-1
- SUSE-SU-2015:1177-1
- SUSE-SU-2015:1177-2
- SUSE-SU-2015:1182-1
- SUSE-SU-2015:1182-2
- SUSE-SU-2015:1183-1
- SUSE-SU-2015:1183-2
- SUSE-SU-2015:1184-1
- SUSE-SU-2015:1184-2
- SUSE-SU-2015:1185-1
- SUSE-SU-2015:1268-1
- SUSE-SU-2015:1268-2
- SUSE-SU-2015:1269-1
- SUSE-SU-2015:1319-1
- SUSE-SU-2015:1320-1
- SUSE-SU-2015:1329-1
- SUSE-SU-2015:1331-1
- SUSE-SU-2015:1345-1
- SUSE-SU-2015:1375-1
- SUSE-SU-2015:1410-1
- SUSE-SU-2015:1449-1
- SUSE-SU-2015:1482-1
- SUSE-SU-2015:1509-1
- SUSE-SU-2015:1526-1
- SUSE-SU-2015:1544-1
- SUSE-SU-2015:1581-1
- SUSE-SU-2015:1663-1
- SUSE-SU-2015:1695-1
- SUSE-SU-2015:1840-1
- SUSE-SU-2015:1851-1
- SUSE-SU-2015:2166-1
- SUSE-SU-2015:2168-1
- SUSE-SU-2015:2168-2
- SUSE-SU-2015:2182-1
- SUSE-SU-2015:2192-1
- SUSE-SU-2015:2216-1
- SUSE-SU-2015:2303-1
- SUSE-SU-2016:0224-1
- SUSE-SU-2016:0262-1
- SUSE-SU-2016:0344-1
- SUSE-SU-2016:1618-1
- SUSE-SU-2016:2209-1
- SUSE-SU-2016:2385-1
- SUSE-SU-2018:1768-1
- SUSE-SU-2023:0586-1
- SUSE-SU-2023:4506-1
- SUSE-SU-2023:4507-1
- USN-2459-1
- USN-2537-1
- USN-2639-1
- USN-2656-1
- USN-2656-2
- USN-2673-1
- USN-2696-1
- USN-2706-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/compat-openssl097g?arch=x86_64&distro=sled-11&sp=3 | suse | compat-openssl097g | < 0.9.7g-146.22.31.1 | sled-11 | x86_64 | |
Affected | pkg:rpm/suse/compat-openssl097g?arch=i586&distro=sled-11&sp=3 | suse | compat-openssl097g | < 0.9.7g-146.22.31.1 | sled-11 | i586 | |
Affected | pkg:rpm/suse/compat-openssl097g-32bit?arch=x86_64&distro=sled-11&sp=3 | suse | compat-openssl097g-32bit | < 0.9.7g-146.22.31.1 | sled-11 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |