Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-0732 (GCVE-0-2018-0732)
Vulnerability from cvelistv5 – Published: 2018-06-12 13:00 – Updated: 2024-09-17 02:11
VLAI
EPSS
Title
Client DoS due to large DH parameter
Summary
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
Severity
No CVSS data available.
CWE
- Client side Denial of Service
Assigner
References
37 references
Impacted products
Date Public
2018-06-12 00:00
Credits
Guido Vranken
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "104442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104442"
},
{
"name": "DSA-4355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "RHSA-2018:2552",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2552"
},
{
"name": "GLSA-201811-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-03"
},
{
"name": "USN-3692-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:2553",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"name": "RHSA-2018:3505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "USN-3692-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1041090",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041090"
},
{
"name": "RHSA-2019:1297",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1297"
},
{
"name": "RHSA-2019:1296",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1296"
},
{
"name": "RHSA-2019:1543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1543"
},
{
"name": "FEDORA-2019-db06efdea1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181105-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20180612.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Guido Vranken"
}
],
"datePublic": "2018-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Client side Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-08T11:06:25.000Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "104442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104442"
},
{
"name": "DSA-4355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "RHSA-2018:2552",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2552"
},
{
"name": "GLSA-201811-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-03"
},
{
"name": "USN-3692-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:2553",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"name": "RHSA-2018:3505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "USN-3692-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1041090",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041090"
},
{
"name": "RHSA-2019:1297",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1297"
},
{
"name": "RHSA-2019:1296",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1296"
},
{
"name": "RHSA-2019:1543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1543"
},
{
"name": "FEDORA-2019-db06efdea1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181105-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openssl.org/news/secadv/20180612.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf"
}
],
"title": "Client DoS due to large DH parameter",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2018-06-12",
"ID": "CVE-2018-0732",
"STATE": "PUBLIC",
"TITLE": "Client DoS due to large DH parameter"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h)"
},
{
"version_value": "Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o)"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Guido Vranken"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o)."
}
]
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Client side Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "104442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104442"
},
{
"name": "DSA-4355",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "RHSA-2018:2552",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2552"
},
{
"name": "GLSA-201811-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-03"
},
{
"name": "USN-3692-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:2553",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"name": "RHSA-2018:3505",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "USN-3692-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1041090",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041090"
},
{
"name": "RHSA-2019:1297",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1297"
},
{
"name": "RHSA-2019:1296",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1296"
},
{
"name": "RHSA-2019:1543",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1543"
},
{
"name": "FEDORA-2019-db06efdea1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "https://www.tenable.com/security/tns-2018-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"name": "https://www.tenable.com/security/tns-2018-13",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"name": "https://www.tenable.com/security/tns-2018-17",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"name": "https://www.tenable.com/security/tns-2018-12",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181105-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181105-0001/"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098"
},
{
"name": "https://www.openssl.org/news/secadv/20180612.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20180612.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2018-0732",
"datePublished": "2018-06-12T13:00:00.000Z",
"dateReserved": "2017-11-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:11:18.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-0732",
"date": "2026-05-29",
"epss": "0.78382",
"percentile": "0.99052"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-0732\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2018-06-12T13:29:00.207\",\"lastModified\":\"2024-11-21T03:38:49.630\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).\"},{\"lang\":\"es\",\"value\":\"Durante los acuerdos de clave en un handshake TLS mediante un conjunto de cifrado basado en DH(E), un servidor malicioso puede enviar un valor primo muy grande al cliente. Esto provocar\u00e1 que el cliente gaste una cantidad de tiempo demasiado grande generando una clave para este primo, lo que resulta en un bloqueo hasta que termine el cliente. Esto podr\u00eda explotarse en un ataque de Denegaci\u00f3n de servicio (DoS). Se ha solucionado en OpenSSL 1.1.0i-dev (afecta a 1.1.0-1.1.0h). Se ha solucionado en OpenSSL 1.0.2p-dev (afecta a 1.0.2-1.0.2o).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-320\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2\",\"versionEndIncluding\":\"1.0.2o\",\"matchCriteriaId\":\"5DADB202-4A40-4A12-9CEA-F7BD4529F002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0\",\"versionEndIncluding\":\"1.1.0h\",\"matchCriteriaId\":\"BF986111-5DDB-4BC8-AF03-14626778AB23\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.8.1\",\"matchCriteriaId\":\"344E262B-2C2F-42B4-B6BF-56ECC9792F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"6.9.0\",\"versionEndExcluding\":\"6.14.4\",\"matchCriteriaId\":\"2D7B18CD-B613-47B1-84AB-E63CC8C217C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.8.1\",\"matchCriteriaId\":\"F2A7041F-CF80-4FB3-9A45-1C454BEFF0D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"8.9.0\",\"versionEndExcluding\":\"8.11.4\",\"matchCriteriaId\":\"2F1E356E-A599-4741-BD5C-B6CD8C23F8F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.9.0\",\"matchCriteriaId\":\"BD090ABA-35A0-4884-B811-F2681DCDE777\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104442\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041090\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2552\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2553\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3221\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3505\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1296\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1297\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1543\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201811-03\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181105-0001/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190118-0002/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3692-1/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3692-2/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4348\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4355\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180612.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-12\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-13\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-14\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-17\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1296\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201811-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181105-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190118-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3692-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3692-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4355\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180612.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
SUSE-SU-2018:1887-1
Vulnerability from csaf_suse - Published: 2018-07-05 06:36 - Updated: 2018-07-05 06:36Summary
Security update for openssl
Severity
Moderate
Notes
Title of the patch: Security update for openssl
Description of the patch: This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: SUSE-OpenStack-Cloud-7-2018-1276,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1276,SUSE-SLE-DESKTOP-12-SP3-2018-1276,SUSE-SLE-SAP-12-SP2-2018-1276,SUSE-SLE-SDK-12-SP3-2018-1276,SUSE-SLE-SERVER-12-SP2-2018-1276,SUSE-SLE-SERVER-12-SP3-2018-1276,SUSE-Storage-4-2018-1276
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-7-2018-1276,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1276,SUSE-SLE-DESKTOP-12-SP3-2018-1276,SUSE-SLE-SAP-12-SP2-2018-1276,SUSE-SLE-SDK-12-SP3-2018-1276,SUSE-SLE-SERVER-12-SP2-2018-1276,SUSE-SLE-SERVER-12-SP3-2018-1276,SUSE-Storage-4-2018-1276",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1887-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1887-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181887-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1887-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004245.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl",
"tracking": {
"current_release_date": "2018-07-05T06:36:31Z",
"generator": {
"date": "2018-07-05T06:36:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1887-1",
"initial_release_date": "2018-07-05T06:36:31Z",
"revision_history": [
{
"date": "2018-07-05T06:36:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-1.0.2j-60.30.1.aarch64",
"product": {
"name": "libopenssl-devel-1.0.2j-60.30.1.aarch64",
"product_id": "libopenssl-devel-1.0.2j-60.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"product": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"product_id": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"product_id": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1.0.2j-60.30.1.aarch64",
"product": {
"name": "openssl-1.0.2j-60.30.1.aarch64",
"product_id": "openssl-1.0.2j-60.30.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-doc-1.0.2j-60.30.1.noarch",
"product": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch",
"product_id": "openssl-doc-1.0.2j-60.30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"product": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"product_id": "libopenssl-devel-1.0.2j-60.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"product_id": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"product_id": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1.0.2j-60.30.1.ppc64le",
"product": {
"name": "openssl-1.0.2j-60.30.1.ppc64le",
"product_id": "openssl-1.0.2j-60.30.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"product": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"product_id": "libopenssl-devel-1.0.2j-60.30.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"product_id": "libopenssl1_0_0-1.0.2j-60.30.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"product_id": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"product_id": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1.0.2j-60.30.1.s390x",
"product": {
"name": "openssl-1.0.2j-60.30.1.s390x",
"product_id": "openssl-1.0.2j-60.30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl-devel-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1.0.2j-60.30.1.x86_64",
"product": {
"name": "openssl-1.0.2j-60.30.1.x86_64",
"product_id": "openssl-1.0.2j-60.30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.s390x"
},
"product_reference": "openssl-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "openssl-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "openssl-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.s390x"
},
"product_reference": "openssl-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.aarch64"
},
"product_reference": "openssl-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "openssl-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.s390x"
},
"product_reference": "openssl-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.aarch64"
},
"product_reference": "openssl-1.0.2j-60.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.ppc64le"
},
"product_reference": "openssl-1.0.2j-60.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.s390x"
},
"product_reference": "openssl-1.0.2j-60.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-doc-1.0.2j-60.30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-doc-1.0.2j-60.30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Enterprise Storage 4:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssl-doc-1.0.2j-60.30.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.s390x",
"SUSE OpenStack Cloud 7:openssl-1.0.2j-60.30.1.x86_64",
"SUSE OpenStack Cloud 7:openssl-doc-1.0.2j-60.30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-05T06:36:31Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:1887-2
Vulnerability from csaf_suse - Published: 2018-10-18 12:47 - Updated: 2018-10-18 12:47Summary
Security update for openssl
Severity
Moderate
Notes
Title of the patch: Security update for openssl
Description of the patch: This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: SUSE-SLE-SERVER-12-SP2-BCL-2018-1276
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl-devel-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:openssl-1.0.2j-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:openssl-doc-1.0.2j-60.30.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-SP2-BCL-2018-1276",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1887-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1887-2",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181887-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1887-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004687.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl",
"tracking": {
"current_release_date": "2018-10-18T12:47:51Z",
"generator": {
"date": "2018-10-18T12:47:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1887-2",
"initial_release_date": "2018-10-18T12:47:51Z",
"revision_history": [
{
"date": "2018-10-18T12:47:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-doc-1.0.2j-60.30.1.noarch",
"product": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch",
"product_id": "openssl-doc-1.0.2j-60.30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl-devel-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1.0.2j-60.30.1.x86_64",
"product": {
"name": "openssl-1.0.2j-60.30.1.x86_64",
"product_id": "openssl-1.0.2j-60.30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl-devel-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl-devel-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.2j-60.30.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssl-1.0.2j-60.30.1.x86_64"
},
"product_reference": "openssl-1.0.2j-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.2j-60.30.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssl-doc-1.0.2j-60.30.1.noarch"
},
"product_reference": "openssl-doc-1.0.2j-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-doc-1.0.2j-60.30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-doc-1.0.2j-60.30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl-devel-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libopenssl1_0_0-hmac-32bit-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-1.0.2j-60.30.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssl-doc-1.0.2j-60.30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:51Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:1968-1
Vulnerability from csaf_suse - Published: 2018-07-16 06:27 - Updated: 2018-07-16 06:27Summary
Security update for openssl
Severity
Moderate
Notes
Title of the patch: Security update for openssl
Description of the patch: This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: SUSE-SLE-SAP-12-SP1-2018-1325,SUSE-SLE-SERVER-12-SP1-2018-1325
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-doc-1.0.1i-54.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-doc-1.0.1i-54.14.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-SP1-2018-1325,SUSE-SLE-SERVER-12-SP1-2018-1325",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1968-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1968-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181968-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1968-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004276.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl",
"tracking": {
"current_release_date": "2018-07-16T06:27:28Z",
"generator": {
"date": "2018-07-16T06:27:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1968-1",
"initial_release_date": "2018-07-16T06:27:28Z",
"revision_history": [
{
"date": "2018-07-16T06:27:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-doc-1.0.1i-54.14.1.noarch",
"product": {
"name": "openssl-doc-1.0.1i-54.14.1.noarch",
"product_id": "openssl-doc-1.0.1i-54.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"product_id": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"product_id": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1.0.1i-54.14.1.ppc64le",
"product": {
"name": "openssl-1.0.1i-54.14.1.ppc64le",
"product_id": "openssl-1.0.1i-54.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"product_id": "libopenssl1_0_0-1.0.1i-54.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"product_id": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"product_id": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1.0.1i-54.14.1.s390x",
"product": {
"name": "openssl-1.0.1i-54.14.1.s390x",
"product_id": "openssl-1.0.1i-54.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1.0.1i-54.14.1.x86_64",
"product": {
"name": "openssl-1.0.1i-54.14.1.x86_64",
"product_id": "openssl-1.0.1i-54.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "openssl-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.x86_64"
},
"product_reference": "openssl-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.1i-54.14.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-doc-1.0.1i-54.14.1.noarch"
},
"product_reference": "openssl-doc-1.0.1i-54.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.1i-54.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.ppc64le"
},
"product_reference": "openssl-1.0.1i-54.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.1i-54.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.s390x"
},
"product_reference": "openssl-1.0.1i-54.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1.0.1i-54.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.x86_64"
},
"product_reference": "openssl-1.0.1i-54.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-1.0.1i-54.14.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-doc-1.0.1i-54.14.1.noarch"
},
"product_reference": "openssl-doc-1.0.1i-54.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-doc-1.0.1i-54.14.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-doc-1.0.1i-54.14.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-doc-1.0.1i-54.14.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-doc-1.0.1i-54.14.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssl-doc-1.0.1i-54.14.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl1_0_0-hmac-32bit-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-1.0.1i-54.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssl-doc-1.0.1i-54.14.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-16T06:27:28Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:2036-1
Vulnerability from csaf_suse - Published: 2018-07-23 08:40 - Updated: 2018-07-23 08:40Summary
Security update for openssl-1_1
Severity
Moderate
Notes
Title of the patch: Security update for openssl-1_1
Description of the patch: This update for openssl-1_1 fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: SUSE-SLE-Module-Basesystem-15-2018-1372
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1 fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Basesystem-15-2018-1372",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2036-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2036-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182036-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2036-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004293.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl-1_1",
"tracking": {
"current_release_date": "2018-07-23T08:40:32Z",
"generator": {
"date": "2018-07-23T08:40:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2036-1",
"initial_release_date": "2018-07-23T08:40:32Z",
"revision_history": [
{
"date": "2018-07-23T08:40:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"product": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"product_id": "libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.0h-4.3.1.aarch64",
"product": {
"name": "libopenssl1_1-1.1.0h-4.3.1.aarch64",
"product_id": "libopenssl1_1-1.1.0h-4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"product": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"product_id": "libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.0h-4.3.1.aarch64",
"product": {
"name": "openssl-1_1-1.1.0h-4.3.1.aarch64",
"product_id": "openssl-1_1-1.1.0h-4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"product": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"product_id": "libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"product": {
"name": "libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"product_id": "libopenssl1_1-1.1.0h-4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"product": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"product_id": "libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.0h-4.3.1.ppc64le",
"product": {
"name": "openssl-1_1-1.1.0h-4.3.1.ppc64le",
"product_id": "openssl-1_1-1.1.0h-4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"product": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"product_id": "libopenssl-1_1-devel-1.1.0h-4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.0h-4.3.1.s390x",
"product": {
"name": "libopenssl1_1-1.1.0h-4.3.1.s390x",
"product_id": "libopenssl1_1-1.1.0h-4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"product": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"product_id": "libopenssl1_1-hmac-1.1.0h-4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.0h-4.3.1.s390x",
"product": {
"name": "openssl-1_1-1.1.0h-4.3.1.s390x",
"product_id": "openssl-1_1-1.1.0h-4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"product": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"product_id": "libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.0h-4.3.1.x86_64",
"product": {
"name": "libopenssl1_1-1.1.0h-4.3.1.x86_64",
"product_id": "libopenssl1_1-1.1.0h-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"product": {
"name": "libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"product_id": "libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"product": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"product_id": "libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"product": {
"name": "libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"product_id": "libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.0h-4.3.1.x86_64",
"product": {
"name": "openssl-1_1-1.1.0h-4.3.1.x86_64",
"product_id": "openssl-1_1-1.1.0h-4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.0h-4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.aarch64"
},
"product_reference": "libopenssl1_1-1.1.0h-4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.0h-4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.0h-4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.s390x"
},
"product_reference": "libopenssl1_1-1.1.0h-4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.0h-4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.aarch64"
},
"product_reference": "openssl-1_1-1.1.0h-4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.0h-4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.0h-4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.0h-4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.s390x"
},
"product_reference": "openssl-1_1-1.1.0h-4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.0h-4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.0h-4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl-1_1-devel-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libopenssl1_1-hmac-32bit-1.1.0h-4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:openssl-1_1-1.1.0h-4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-23T08:40:32Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:2041-1
Vulnerability from csaf_suse - Published: 2018-07-23 08:37 - Updated: 2018-07-23 08:37Summary
Security update for openssl-1_1
Severity
Moderate
Notes
Title of the patch: Security update for openssl-1_1
Description of the patch: This update for openssl-1_1 fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: SUSE-SLE-Module-Legacy-15-2018-1371
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1 fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Legacy-15-2018-1371",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2041-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2041-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182041-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2041-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004298.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl-1_1",
"tracking": {
"current_release_date": "2018-07-23T08:37:04Z",
"generator": {
"date": "2018-07-23T08:37:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2041-1",
"initial_release_date": "2018-07-23T08:37:04Z",
"revision_history": [
{
"date": "2018-07-23T08:37:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"product_id": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"product": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"product_id": "libopenssl1_0_0-1.0.2n-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"product": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"product_id": "openssl-1_0_0-1.0.2n-3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"product_id": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"product_id": "libopenssl1_0_0-1.0.2n-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"product": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"product_id": "openssl-1_0_0-1.0.2n-3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"product_id": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"product_id": "libopenssl1_0_0-1.0.2n-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2n-3.3.1.s390x",
"product": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.s390x",
"product_id": "openssl-1_0_0-1.0.2n-3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"product_id": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.2n-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2n-3.3.1.x86_64",
"product": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.x86_64",
"product_id": "openssl-1_0_0-1.0.2n-3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2n-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2n-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2n-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2n-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl-1_0_0-devel-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:libopenssl1_0_0-1.0.2n-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:openssl-1_0_0-1.0.2n-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-23T08:37:04Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:2207-1
Vulnerability from csaf_suse - Published: 2018-08-06 07:58 - Updated: 2018-08-06 07:58Summary
Security update for openssl
Severity
Moderate
Notes
Title of the patch: Security update for openssl
Description of the patch: This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: sdksp4-openssl-13713,sleposp3-openssl-13713,slessp3-openssl-13713,slessp4-openssl-13713,slestso13-openssl-13713
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl-devel-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:openssl-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:openssl-doc-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.106.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl fixes the following issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158).\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-openssl-13713,sleposp3-openssl-13713,slessp3-openssl-13713,slessp4-openssl-13713,slestso13-openssl-13713",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2207-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2207-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182207-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2207-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004375.html"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
}
],
"title": "Security update for openssl",
"tracking": {
"current_release_date": "2018-08-06T07:58:35Z",
"generator": {
"date": "2018-08-06T07:58:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2207-1",
"initial_release_date": "2018-08-06T07:58:35Z",
"revision_history": [
{
"date": "2018-08-06T07:58:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"product": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"product_id": "libopenssl-devel-0.9.8j-0.106.12.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"product": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"product_id": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"product": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"product_id": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-0.9.8j-0.106.12.1.i586",
"product": {
"name": "openssl-0.9.8j-0.106.12.1.i586",
"product_id": "openssl-0.9.8j-0.106.12.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-doc-0.9.8j-0.106.12.1.i586",
"product": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586",
"product_id": "openssl-doc-0.9.8j-0.106.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"product_id": "libopenssl-devel-0.9.8j-0.106.12.1.ia64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"product_id": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"product_id": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"product_id": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64"
}
},
{
"category": "product_version",
"name": "openssl-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "openssl-0.9.8j-0.106.12.1.ia64",
"product_id": "openssl-0.9.8j-0.106.12.1.ia64"
}
},
{
"category": "product_version",
"name": "openssl-doc-0.9.8j-0.106.12.1.ia64",
"product": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ia64",
"product_id": "openssl-doc-0.9.8j-0.106.12.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl-devel-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"product_id": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssl-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "openssl-0.9.8j-0.106.12.1.ppc64",
"product_id": "openssl-0.9.8j-0.106.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssl-doc-0.9.8j-0.106.12.1.ppc64",
"product": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ppc64",
"product_id": "openssl-doc-0.9.8j-0.106.12.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl-devel-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"product_id": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "openssl-0.9.8j-0.106.12.1.s390x",
"product_id": "openssl-0.9.8j-0.106.12.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"product": {
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"product_id": "openssl-doc-0.9.8j-0.106.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"product_id": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "openssl-0.9.8j-0.106.12.1.x86_64",
"product_id": "openssl-0.9.8j-0.106.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"product": {
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"product_id": "openssl-doc-0.9.8j-0.106.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite 1.3",
"product": {
"name": "SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-studioonsite:1.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl-devel-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:openssl-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:openssl-doc-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-doc-0.9.8j-0.106.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "openssl-doc-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
},
"product_reference": "libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.106.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-32bit-0.9.8j-0.106.12.1.x86_64",
"SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.106.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-06T07:58:35Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
}
]
}
SUSE-SU-2018:2534-1
Vulnerability from csaf_suse - Published: 2018-08-28 09:05 - Updated: 2018-08-28 09:05Summary
Security update for compat-openssl097g
Severity
Moderate
Notes
Title of the patch: Security update for compat-openssl097g
Description of the patch: This update for compat-openssl097g fixes the following issues:
These security issues were fixed:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as
can be found in PKCS7) could eventually exceed the stack given malicious input
with excessive recursion. This could have resulted in DoS (bsc#1087102)
This non-security issue was fixed:
- Fixed crash in DES_fcrypt (bsc#1065363)
Patchnames: slesappsp4-compat-openssl097g-13753
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for compat-openssl097g",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for compat-openssl097g fixes the following issues:\n\nThese security issues were fixed:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158)\n- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as\n can be found in PKCS7) could eventually exceed the stack given malicious input\n with excessive recursion. This could have resulted in DoS (bsc#1087102)\n\nThis non-security issue was fixed:\n\n- Fixed crash in DES_fcrypt (bsc#1065363)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slesappsp4-compat-openssl097g-13753",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2534-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2534-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182534-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2534-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182534-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065363",
"url": "https://bugzilla.suse.com/1065363"
},
{
"category": "self",
"summary": "SUSE Bug 1087102",
"url": "https://bugzilla.suse.com/1087102"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0739 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0739/"
}
],
"title": "Security update for compat-openssl097g",
"tracking": {
"current_release_date": "2018-08-28T09:05:06Z",
"generator": {
"date": "2018-08-28T09:05:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2534-1",
"initial_release_date": "2018-08-28T09:05:06Z",
"revision_history": [
{
"date": "2018-08-28T09:05:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"product": {
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"product_id": "compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64"
}
},
{
"category": "product_version",
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"product": {
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"product_id": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"product": {
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"product_id": "compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64",
"product": {
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64",
"product_id": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64"
},
"product_reference": "compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64"
},
"product_reference": "compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64"
},
"product_reference": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
},
"product_reference": "compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-28T09:05:06Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-0739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0739"
}
],
"notes": [
{
"category": "general",
"text": "Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0739",
"url": "https://www.suse.com/security/cve/CVE-2018-0739"
},
{
"category": "external",
"summary": "SUSE Bug 1087102 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1087102"
},
{
"category": "external",
"summary": "SUSE Bug 1089997 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1089997"
},
{
"category": "external",
"summary": "SUSE Bug 1094291 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1094291"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1108542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-0.9.7g-146.22.51.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-openssl097g-32bit-0.9.7g-146.22.51.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-28T09:05:06Z",
"details": "important"
}
],
"title": "CVE-2018-0739"
}
]
}
SUSE-SU-2018:2545-1
Vulnerability from csaf_suse - Published: 2018-08-28 15:32 - Updated: 2018-08-28 15:32Summary
Security update for openssl1
Severity
Moderate
Notes
Title of the patch: Security update for openssl1
Description of the patch: This update for openssl1 fixes the following security issues:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with sufficient
access to mount cache timing attacks during the RSA key generation process
could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
Patchnames: secsp3-openssl1-13755
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl1 fixes the following security issues:\n\n- CVE-2018-0737: The RSA Key generation algorithm has been shown to be\n vulnerable to a cache timing side channel attack. An attacker with sufficient\n access to mount cache timing attacks during the RSA key generation process\n could have recovered the private key (bsc#1089039)\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158)\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "secsp3-openssl1-13755",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2545-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2545-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182545-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2545-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004505.html"
},
{
"category": "self",
"summary": "SUSE Bug 1089039",
"url": "https://bugzilla.suse.com/1089039"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0737 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0737/"
}
],
"title": "Security update for openssl1",
"tracking": {
"current_release_date": "2018-08-28T15:32:39Z",
"generator": {
"date": "2018-08-28T15:32:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2545-1",
"initial_release_date": "2018-08-28T15:32:39Z",
"revision_history": [
{
"date": "2018-08-28T15:32:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"product": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"product_id": "libopenssl1-devel-1.0.1g-0.58.12.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"product": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"product_id": "libopenssl1_0_0-1.0.1g-0.58.12.1.i586"
}
},
{
"category": "product_version",
"name": "openssl1-1.0.1g-0.58.12.1.i586",
"product": {
"name": "openssl1-1.0.1g-0.58.12.1.i586",
"product_id": "openssl1-1.0.1g-0.58.12.1.i586"
}
},
{
"category": "product_version",
"name": "openssl1-doc-1.0.1g-0.58.12.1.i586",
"product": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.i586",
"product_id": "openssl1-doc-1.0.1g-0.58.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"product": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"product_id": "libopenssl1-devel-1.0.1g-0.58.12.1.ia64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"product": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"product_id": "libopenssl1_0_0-1.0.1g-0.58.12.1.ia64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"product": {
"name": "libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"product_id": "libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64"
}
},
{
"category": "product_version",
"name": "openssl1-1.0.1g-0.58.12.1.ia64",
"product": {
"name": "openssl1-1.0.1g-0.58.12.1.ia64",
"product_id": "openssl1-1.0.1g-0.58.12.1.ia64"
}
},
{
"category": "product_version",
"name": "openssl1-doc-1.0.1g-0.58.12.1.ia64",
"product": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.ia64",
"product_id": "openssl1-doc-1.0.1g-0.58.12.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"product": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"product_id": "libopenssl1-devel-1.0.1g-0.58.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"product": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"product_id": "libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"product_id": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssl1-1.0.1g-0.58.12.1.ppc64",
"product": {
"name": "openssl1-1.0.1g-0.58.12.1.ppc64",
"product_id": "openssl1-1.0.1g-0.58.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"product": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"product_id": "openssl1-doc-1.0.1g-0.58.12.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"product": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"product_id": "libopenssl1-devel-1.0.1g-0.58.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"product_id": "libopenssl1_0_0-1.0.1g-0.58.12.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"product_id": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl1-1.0.1g-0.58.12.1.s390x",
"product": {
"name": "openssl1-1.0.1g-0.58.12.1.s390x",
"product_id": "openssl1-1.0.1g-0.58.12.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl1-doc-1.0.1g-0.58.12.1.s390x",
"product": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.s390x",
"product_id": "openssl1-doc-1.0.1g-0.58.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"product": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"product_id": "libopenssl1-devel-1.0.1g-0.58.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl1-1.0.1g-0.58.12.1.x86_64",
"product": {
"name": "openssl1-1.0.1g-0.58.12.1.x86_64",
"product_id": "openssl1-1.0.1g-0.58.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl1-doc-1.0.1g-0.58.12.1.x86_64",
"product": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.x86_64",
"product_id": "openssl1-doc-1.0.1g-0.58.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product": {
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:security"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586"
},
"product_reference": "libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64"
},
"product_reference": "libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64"
},
"product_reference": "libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x"
},
"product_reference": "libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1-devel-1.0.1g-0.58.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64"
},
"product_reference": "libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586"
},
"product_reference": "libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64"
},
"product_reference": "libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64"
},
"product_reference": "libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64"
},
"product_reference": "libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-1.0.1g-0.58.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586"
},
"product_reference": "openssl1-1.0.1g-0.58.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-1.0.1g-0.58.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64"
},
"product_reference": "openssl1-1.0.1g-0.58.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-1.0.1g-0.58.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64"
},
"product_reference": "openssl1-1.0.1g-0.58.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-1.0.1g-0.58.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x"
},
"product_reference": "openssl1-1.0.1g-0.58.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-1.0.1g-0.58.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64"
},
"product_reference": "openssl1-1.0.1g-0.58.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586"
},
"product_reference": "openssl1-doc-1.0.1g-0.58.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64"
},
"product_reference": "openssl1-doc-1.0.1g-0.58.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64"
},
"product_reference": "openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x"
},
"product_reference": "openssl1-doc-1.0.1g-0.58.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl1-doc-1.0.1g-0.58.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
},
"product_reference": "openssl1-doc-1.0.1g-0.58.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-28T15:32:39Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-0737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0737"
}
],
"notes": [
{
"category": "general",
"text": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0737",
"url": "https://www.suse.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "SUSE Bug 1089039 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089039"
},
{
"category": "external",
"summary": "SUSE Bug 1089041 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089041"
},
{
"category": "external",
"summary": "SUSE Bug 1089044 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089044"
},
{
"category": "external",
"summary": "SUSE Bug 1089045 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089045"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1123780 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1123780"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1126909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1-devel-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-32bit-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:libopenssl1_0_0-x86-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-1.0.1g-0.58.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssl1-doc-1.0.1g-0.58.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-28T15:32:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-0737"
}
]
}
SUSE-SU-2018:2647-1
Vulnerability from csaf_suse - Published: 2018-09-07 09:54 - Updated: 2018-09-07 09:54Summary
Security update for nodejs4
Severity
Moderate
Notes
Title of the patch: Security update for nodejs4
Description of the patch: This update for nodejs4 fixes the following issues:
Security issues fixed:
- CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be
used to write to memory outside of a Buffer's memory space buffer (bsc#1105019)
- Upgrade to OpenSSL 1.0.2p, which fixed:
- CVE-2018-0732: Client denial-of-service due to large DH parameter (bsc#1097158)
- ECDSA key extraction via local side-channel
Other changes made:
- Recommend same major version npm package (bsc#1097748)
- Use absolute paths in executable shebang lines
- Fix building with ICU61.1 (bsc#1091764)
- Install license with %license, not %doc (bsc#1082318)
Patchnames: SUSE-SLE-Module-Web-Scripting-12-2018-1854,SUSE-Storage-4-2018-1854
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs4 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be\n used to write to memory outside of a Buffer\u0027s memory space buffer (bsc#1105019)\n- Upgrade to OpenSSL 1.0.2p, which fixed:\n - CVE-2018-0732: Client denial-of-service due to large DH parameter (bsc#1097158)\n - ECDSA key extraction via local side-channel\n\nOther changes made:\n\n- Recommend same major version npm package (bsc#1097748)\n- Use absolute paths in executable shebang lines\n- Fix building with ICU61.1 (bsc#1091764)\n- Install license with %license, not %doc (bsc#1082318)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Web-Scripting-12-2018-1854,SUSE-Storage-4-2018-1854",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2647-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2647-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182647-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2647-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004540.html"
},
{
"category": "self",
"summary": "SUSE Bug 1082318",
"url": "https://bugzilla.suse.com/1082318"
},
{
"category": "self",
"summary": "SUSE Bug 1091764",
"url": "https://bugzilla.suse.com/1091764"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097748",
"url": "https://bugzilla.suse.com/1097748"
},
{
"category": "self",
"summary": "SUSE Bug 1105019",
"url": "https://bugzilla.suse.com/1105019"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12115/"
}
],
"title": "Security update for nodejs4",
"tracking": {
"current_release_date": "2018-09-07T09:54:01Z",
"generator": {
"date": "2018-09-07T09:54:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2647-1",
"initial_release_date": "2018-09-07T09:54:01Z",
"revision_history": [
{
"date": "2018-09-07T09:54:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.14.1.aarch64",
"product": {
"name": "nodejs4-4.9.1-15.14.1.aarch64",
"product_id": "nodejs4-4.9.1-15.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.14.1.aarch64",
"product": {
"name": "nodejs4-devel-4.9.1-15.14.1.aarch64",
"product_id": "nodejs4-devel-4.9.1-15.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.14.1.aarch64",
"product": {
"name": "npm4-4.9.1-15.14.1.aarch64",
"product_id": "npm4-4.9.1-15.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-docs-4.9.1-15.14.1.noarch",
"product": {
"name": "nodejs4-docs-4.9.1-15.14.1.noarch",
"product_id": "nodejs4-docs-4.9.1-15.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.14.1.ppc64le",
"product": {
"name": "nodejs4-4.9.1-15.14.1.ppc64le",
"product_id": "nodejs4-4.9.1-15.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.14.1.ppc64le",
"product": {
"name": "nodejs4-devel-4.9.1-15.14.1.ppc64le",
"product_id": "nodejs4-devel-4.9.1-15.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.14.1.ppc64le",
"product": {
"name": "npm4-4.9.1-15.14.1.ppc64le",
"product_id": "npm4-4.9.1-15.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.14.1.x86_64",
"product": {
"name": "nodejs4-4.9.1-15.14.1.x86_64",
"product_id": "nodejs4-4.9.1-15.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.14.1.x86_64",
"product": {
"name": "nodejs4-devel-4.9.1-15.14.1.x86_64",
"product_id": "nodejs4-devel-4.9.1-15.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.14.1.x86_64",
"product": {
"name": "npm4-4.9.1-15.14.1.x86_64",
"product_id": "npm4-4.9.1-15.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.14.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64"
},
"product_reference": "nodejs4-4.9.1-15.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.14.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le"
},
"product_reference": "nodejs4-4.9.1-15.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.14.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64"
},
"product_reference": "nodejs4-4.9.1-15.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.14.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64"
},
"product_reference": "nodejs4-devel-4.9.1-15.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.14.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le"
},
"product_reference": "nodejs4-devel-4.9.1-15.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.14.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64"
},
"product_reference": "nodejs4-devel-4.9.1-15.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-docs-4.9.1-15.14.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch"
},
"product_reference": "nodejs4-docs-4.9.1-15.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.14.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64"
},
"product_reference": "npm4-4.9.1-15.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.14.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le"
},
"product_reference": "npm4-4.9.1-15.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.14.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
},
"product_reference": "npm4-4.9.1-15.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.14.1.aarch64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64"
},
"product_reference": "nodejs4-4.9.1-15.14.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.14.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64"
},
"product_reference": "nodejs4-4.9.1-15.14.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-07T09:54:01Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-12115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12115"
}
],
"notes": [
{
"category": "general",
"text": "In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `\u0027ucs2\u0027`, `\u0027ucs-2\u0027`, `\u0027utf16le\u0027` and `\u0027utf-16le\u0027`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12115",
"url": "https://www.suse.com/security/cve/CVE-2018-12115"
},
{
"category": "external",
"summary": "SUSE Bug 1105019 for CVE-2018-12115",
"url": "https://bugzilla.suse.com/1105019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.14.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.14.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-07T09:54:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-12115"
}
]
}
SUSE-SU-2018:2683-1
Vulnerability from csaf_suse - Published: 2018-09-10 16:00 - Updated: 2018-09-10 16:00Summary
Security update for compat-openssl098
Severity
Moderate
Notes
Title of the patch: Security update for compat-openssl098
Description of the patch: This update for compat-openssl098 fixes the following security issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with sufficient
access to mount cache timing attacks during the RSA key generation process
could have recovered the private key (bsc#1089039)
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as
can be found in PKCS7) could eventually exceed the stack given malicious input
with excessive recursion. This could have resulted in DoS (bsc#1087102).
Patchnames: SUSE-SLE-DESKTOP-12-SP3-2018-1872,SUSE-SLE-Module-Legacy-12-2018-1872,SUSE-SLE-SAP-12-SP1-2018-1872,SUSE-SLE-SAP-12-SP2-2018-1872,SUSE-SLE-SAP-12-SP3-2018-1872
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for compat-openssl098",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for compat-openssl098 fixes the following security issues:\n\n- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based\n ciphersuite a malicious server could have sent a very large prime value to the\n client. This caused the client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang until the client has\n finished. This could be exploited in a Denial Of Service attack (bsc#1097158)\n- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n- CVE-2018-0737: The RSA Key generation algorithm has been shown to be\n vulnerable to a cache timing side channel attack. An attacker with sufficient\n access to mount cache timing attacks during the RSA key generation process\n could have recovered the private key (bsc#1089039)\n- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as\n can be found in PKCS7) could eventually exceed the stack given malicious input\n with excessive recursion. This could have resulted in DoS (bsc#1087102).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-1872,SUSE-SLE-Module-Legacy-12-2018-1872,SUSE-SLE-SAP-12-SP1-2018-1872,SUSE-SLE-SAP-12-SP2-2018-1872,SUSE-SLE-SAP-12-SP3-2018-1872",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2683-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2683-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182683-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2683-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004549.html"
},
{
"category": "self",
"summary": "SUSE Bug 1087102",
"url": "https://bugzilla.suse.com/1087102"
},
{
"category": "self",
"summary": "SUSE Bug 1089039",
"url": "https://bugzilla.suse.com/1089039"
},
{
"category": "self",
"summary": "SUSE Bug 1097158",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "self",
"summary": "SUSE Bug 1097624",
"url": "https://bugzilla.suse.com/1097624"
},
{
"category": "self",
"summary": "SUSE Bug 1098592",
"url": "https://bugzilla.suse.com/1098592"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0732 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0737 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0739 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0739/"
}
],
"title": "Security update for compat-openssl098",
"tracking": {
"current_release_date": "2018-09-10T16:00:03Z",
"generator": {
"date": "2018-09-10T16:00:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2683-1",
"initial_release_date": "2018-09-10T16:00:03Z",
"revision_history": [
{
"date": "2018-09-10T16:00:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"product": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"product_id": "libopenssl0_9_8-0.9.8j-106.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"product": {
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"product_id": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"product": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"product_id": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"product": {
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"product_id": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
},
"product_reference": "libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0732"
}
],
"notes": [
{
"category": "general",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0732",
"url": "https://www.suse.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "SUSE Bug 1077628 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1077628"
},
{
"category": "external",
"summary": "SUSE Bug 1097158 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1097158"
},
{
"category": "external",
"summary": "SUSE Bug 1099502 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1099502"
},
{
"category": "external",
"summary": "SUSE Bug 1106692 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1106692"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1110163 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1110163"
},
{
"category": "external",
"summary": "SUSE Bug 1112097 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1112097"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0732",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-10T16:00:03Z",
"details": "important"
}
],
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-0737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0737"
}
],
"notes": [
{
"category": "general",
"text": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0737",
"url": "https://www.suse.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "SUSE Bug 1089039 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089039"
},
{
"category": "external",
"summary": "SUSE Bug 1089041 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089041"
},
{
"category": "external",
"summary": "SUSE Bug 1089044 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089044"
},
{
"category": "external",
"summary": "SUSE Bug 1089045 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1089045"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1108542"
},
{
"category": "external",
"summary": "SUSE Bug 1123780 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1123780"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-0737",
"url": "https://bugzilla.suse.com/1126909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-10T16:00:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-0737"
},
{
"cve": "CVE-2018-0739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0739"
}
],
"notes": [
{
"category": "general",
"text": "Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0739",
"url": "https://www.suse.com/security/cve/CVE-2018-0739"
},
{
"category": "external",
"summary": "SUSE Bug 1087102 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1087102"
},
{
"category": "external",
"summary": "SUSE Bug 1089997 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1089997"
},
{
"category": "external",
"summary": "SUSE Bug 1094291 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1094291"
},
{
"category": "external",
"summary": "SUSE Bug 1108542 for CVE-2018-0739",
"url": "https://bugzilla.suse.com/1108542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenssl0_9_8-0.9.8j-106.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8-0.9.8j-106.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-10T16:00:03Z",
"details": "important"
}
],
"title": "CVE-2018-0739"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…