openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:3905-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856689

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:3905-1)

Resumen: The remote host is missing an update for the 'openssl-1_1' package(s) announced via the SUSE-SU-2024:3905-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'openssl-1_1' package(s) announced via the SUSE-SU-2024:3905-1 advisory.

Vulnerability Insight:
- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)

Other fixes:

- FIPS: AES GCM external IV implementation (bsc#1228618)
- FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623)
- FIPS: Enforce KDF in FIPS style (bsc#1224270)
- FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619)
- FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269)
- FIPS: Differentiate the PSS length requirements (bsc#1224275)
- FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272)
- FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271)
- FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266)
- FIPS: DH FIPS selftest and safe prime group (bsc#1224264)
- FIPS: Remove not needed FIPS DRBG files (bsc#1224268)
- FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265)
- FIPS: Disallow non-approved KDF types (bsc#1224267)
- FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273)
- FIPS: DRBG component chaining (bsc#1224258)
- FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260)

Affected Software/OS:
'openssl-1_1' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-50782
RHBZ#2254432
https://bugzilla.redhat.com/show_bug.cgi?id=2254432
https://access.redhat.com/security/cve/CVE-2023-50782

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856689
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:3905-1)
Resumen:	The remote host is missing an update for the 'openssl-1_1' package(s) announced via the SUSE-SU-2024:3905-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl-1_1' package(s) announced via the SUSE-SU-2024:3905-1 advisory. Vulnerability Insight: - CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Other fixes: - FIPS: AES GCM external IV implementation (bsc#1228618) - FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623) - FIPS: Enforce KDF in FIPS style (bsc#1224270) - FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619) - FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269) - FIPS: Differentiate the PSS length requirements (bsc#1224275) - FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272) - FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271) - FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266) - FIPS: DH FIPS selftest and safe prime group (bsc#1224264) - FIPS: Remove not needed FIPS DRBG files (bsc#1224268) - FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265) - FIPS: Disallow non-approved KDF types (bsc#1224267) - FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273) - FIPS: DRBG component chaining (bsc#1224258) - FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260) Affected Software/OS: 'openssl-1_1' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-50782 RHBZ#2254432 https://bugzilla.redhat.com/show_bug.cgi?id=2254432 https://access.redhat.com/security/cve/CVE-2023-50782
Copyright	Copyright (C) 2024 Greenbone AG