Security update for libressl SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:2597-1 Final 1 1 2018-09-03T18:21:54Z current 2018-09-03T18:21:54Z 2018-09-03T18:21:54Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libressl This update for libressl to version 2.8.0 fixes the following issues: Security issues fixed: - CVE-2018-12434: Avoid a timing side-channel leak when generating DSA and ECDSA signatures. (boo#1097779) - Reject excessively large primes in DH key generation. - CVE-2018-8970: Fixed a bug in int_x509_param_set_hosts, calling strlen() if name length provided is 0 to match the OpenSSL behaviour. (boo#1086778) - Fixed an out-of-bounds read and crash in DES-fcrypt (boo#1065363) You can find a detailed list of changes [here](https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.0-relnotes.txt). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00004.html E-Mail link for openSUSE-SU-2018:2597-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 libcrypto43-2.8.0-11.1 libcrypto43-32bit-2.8.0-11.1 libressl-2.8.0-11.1 libressl-devel-2.8.0-11.1 libressl-devel-32bit-2.8.0-11.1 libressl-devel-doc-2.8.0-11.1 libssl45-2.8.0-11.1 libssl45-32bit-2.8.0-11.1 libtls17-2.8.0-11.1 libtls17-32bit-2.8.0-11.1 libcrypto43-2.8.0-11.1 as a component of openSUSE Leap 42.3 libcrypto43-32bit-2.8.0-11.1 as a component of openSUSE Leap 42.3 libressl-2.8.0-11.1 as a component of openSUSE Leap 42.3 libressl-devel-2.8.0-11.1 as a component of openSUSE Leap 42.3 libressl-devel-32bit-2.8.0-11.1 as a component of openSUSE Leap 42.3 libressl-devel-doc-2.8.0-11.1 as a component of openSUSE Leap 42.3 libssl45-2.8.0-11.1 as a component of openSUSE Leap 42.3 libssl45-32bit-2.8.0-11.1 as a component of openSUSE Leap 42.3 libtls17-2.8.0-11.1 as a component of openSUSE Leap 42.3 libtls17-32bit-2.8.0-11.1 as a component of openSUSE Leap 42.3 LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. CVE-2018-12434 openSUSE Leap 42.3:libcrypto43-2.8.0-11.1 openSUSE Leap 42.3:libcrypto43-32bit-2.8.0-11.1 openSUSE Leap 42.3:libressl-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-32bit-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-doc-2.8.0-11.1 openSUSE Leap 42.3:libssl45-2.8.0-11.1 openSUSE Leap 42.3:libssl45-32bit-2.8.0-11.1 openSUSE Leap 42.3:libtls17-2.8.0-11.1 openSUSE Leap 42.3:libtls17-32bit-2.8.0-11.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00004.html https://www.suse.com/security/cve/CVE-2018-12434.html CVE-2018-12434 https://bugzilla.suse.com/1097779 SUSE Bug 1097779 The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. CVE-2018-8970 openSUSE Leap 42.3:libcrypto43-2.8.0-11.1 openSUSE Leap 42.3:libcrypto43-32bit-2.8.0-11.1 openSUSE Leap 42.3:libressl-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-32bit-2.8.0-11.1 openSUSE Leap 42.3:libressl-devel-doc-2.8.0-11.1 openSUSE Leap 42.3:libssl45-2.8.0-11.1 openSUSE Leap 42.3:libssl45-32bit-2.8.0-11.1 openSUSE Leap 42.3:libtls17-2.8.0-11.1 openSUSE Leap 42.3:libtls17-32bit-2.8.0-11.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00004.html https://www.suse.com/security/cve/CVE-2018-8970.html CVE-2018-8970 https://bugzilla.suse.com/1086778 SUSE Bug 1086778