Security update for compat-openssl097g

Announcement ID: SUSE-SU-2018:2534-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2018-0732 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2018-0732 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-0732 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-0739 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-0739 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
  • SLES for SAP Applications 11-SP4

An update that solves two vulnerabilities and has one security fix can now be installed.

Description:

This update for compat-openssl097g fixes the following issues:

These security issues were fixed:

  • CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
  • CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could have resulted in DoS (bsc#1087102)

This non-security issue was fixed:

  • Fixed crash in DES_fcrypt (bsc#1065363)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SLES for SAP Applications 11-SP4
    zypper in -t patch slesappsp4-compat-openssl097g-13753=1

Package List:

  • SLES for SAP Applications 11-SP4 (ppc64 x86_64)
    • compat-openssl097g-0.9.7g-146.22.51.5.1
    • compat-openssl097g-32bit-0.9.7g-146.22.51.5.1

References: