Security update for openssl-1_1

SUSE Security Update: Security update for openssl-1_1
Announcement ID: SUSE-SU-2022:0861-1
Rating: important
References: #1182959 #1195149 #1195792 #1195856 #1196877
Cross-References:CVE-2022-0778
Affected Products:
  • SUSE Linux Enterprise Micro 5.2

An update that solves one vulnerability and has four fixes is now available.

Description:

This update for openssl-1_1 fixes the following issues:
openssl-1_1:

  • CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
  • Fix PAC pointer authentication in ARM (bsc#1195856)
  • Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792)
  • FIPS: Fix function and reason error codes (bsc#1182959)
  • Enable zlib compression support (bsc#1195149)

glibc:
  • Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1

linux-glibc-devel:
  • Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1

libxcrypt:
  • Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1

zlib:
  • Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Micro 5.2:
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-861=1

Package List:

  • SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
    • glibc-2.31-150300.20.7
    • glibc-debuginfo-2.31-150300.20.7
    • glibc-debugsource-2.31-150300.20.7
    • glibc-locale-2.31-150300.20.7
    • glibc-locale-base-2.31-150300.20.7
    • glibc-locale-base-debuginfo-2.31-150300.20.7
    • libcrypt1-4.4.15-150300.4.2.41
    • libcrypt1-debuginfo-4.4.15-150300.4.2.41
    • libopenssl-1_1-devel-1.1.1d-11.43.1
    • libopenssl1_1-1.1.1d-11.43.1
    • libopenssl1_1-debuginfo-1.1.1d-11.43.1
    • libopenssl1_1-hmac-1.1.1d-11.43.1
    • libxcrypt-debugsource-4.4.15-150300.4.2.41
    • libz1-1.2.11-3.26.10
    • libz1-debuginfo-1.2.11-3.26.10
    • openssl-1_1-1.1.1d-11.43.1
    • openssl-1_1-debuginfo-1.1.1d-11.43.1
    • openssl-1_1-debugsource-1.1.1d-11.43.1
    • zlib-debugsource-1.2.11-3.26.10

References: