Security update for gmp, gnutls, libnettle
| Announcement ID: | SUSE-SU-2020:0948-2 |
|---|---|
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability, contains one feature and has three security fixes can now be installed.
Description:
This update for gmp, gnutls, libnettle fixes the following issues:
Security issue fixed:
- CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345)
FIPS related bugfixes:
- FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
- FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if input is shorter than block size. (bsc#1166881)
- FIPS: Added Diffie Hellman public key verification test. (bsc#1155327)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Certifications Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Certifications-15-SP3-2022-2391=1
Package List:
-
Certifications Module 15-SP3 (aarch64 ppc64le s390x x86_64)
- libnettle-debugsource-3.4.1-4.12.1
- libhogweed4-debuginfo-3.4.1-4.12.1
- nettle-debuginfo-3.4.1-4.12.1
- libnettle6-3.4.1-4.12.1
- gmp-devel-6.1.2-4.3.1
- gmp-debugsource-6.1.2-4.3.1
- libnettle6-debuginfo-3.4.1-4.12.1
- libnettle-devel-3.4.1-4.12.1
- nettle-3.4.1-4.12.1
- libgmpxx4-debuginfo-6.1.2-4.3.1
- libhogweed4-3.4.1-4.12.1
- libgmp10-6.1.2-4.3.1
- libgmp10-debuginfo-6.1.2-4.3.1
- libgmpxx4-6.1.2-4.3.1
-
Certifications Module 15-SP3 (x86_64)
- libhogweed4-32bit-debuginfo-3.4.1-4.12.1
- libnettle6-32bit-debuginfo-3.4.1-4.12.1
- libgmpxx4-32bit-debuginfo-6.1.2-4.3.1
- libgmpxx4-32bit-6.1.2-4.3.1
- gmp-devel-32bit-6.1.2-4.3.1
- libgmp10-32bit-6.1.2-4.3.1
- libhogweed4-32bit-3.4.1-4.12.1
- libnettle6-32bit-3.4.1-4.12.1
- libgmp10-32bit-debuginfo-6.1.2-4.3.1
- libnettle-devel-32bit-3.4.1-4.12.1