{"affected":[{"ecosystem_specific":{"binaries":[{"libopenssl1_1":"1.1.1w-150600.5.9.1","libopenssl1_1-32bit":"1.1.1w-150600.5.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"openssl-1_1","purl":"pkg:rpm/suse/openssl-1_1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1w-150600.5.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libopenssl-1_1-devel":"1.1.1w-150600.5.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP6","name":"openssl-1_1","purl":"pkg:rpm/suse/openssl-1_1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1w-150600.5.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"openssl-1_1":"1.1.1w-150600.5.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Legacy 15 SP6","name":"openssl-1_1","purl":"pkg:rpm/suse/openssl-1_1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1w-150600.5.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libopenssl-1_1-devel":"1.1.1w-150600.5.9.1","libopenssl-1_1-devel-32bit":"1.1.1w-150600.5.9.1","libopenssl1_1":"1.1.1w-150600.5.9.1","libopenssl1_1-32bit":"1.1.1w-150600.5.9.1","openssl-1_1":"1.1.1w-150600.5.9.1","openssl-1_1-doc":"1.1.1w-150600.5.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"openssl-1_1","purl":"pkg:rpm/opensuse/openssl-1_1&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1w-150600.5.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for openssl-1_1 fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)\n\nOther fixes:\n\n- FIPS: AES GCM external IV implementation (bsc#1228618)\n- FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623)\n- FIPS: Enforce KDF in FIPS style (bsc#1224270)\n- FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619)\n- FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269)\n- FIPS: Differentiate the PSS length requirements (bsc#1224275)\n- FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272)\n- FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271)\n- FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266)\n- FIPS: DH FIPS selftest and safe prime group (bsc#1224264)\n- FIPS: Remove not needed FIPS DRBG files (bsc#1224268)\n- FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265)\n- FIPS: Disallow non-approved KDF types (bsc#1224267)\n- FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273)\n- FIPS: DRBG component chaining (bsc#1224258)\n- FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260)\n","id":"SUSE-SU-2024:3905-1","modified":"2024-11-04T12:39:03Z","published":"2024-11-04T12:39:03Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243905-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220262"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224258"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224260"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224264"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224265"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224266"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224267"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224268"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224269"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224270"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224271"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224272"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224273"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224275"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228618"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228619"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228623"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-50782"}],"related":["CVE-2023-50782"],"summary":"Security update for openssl-1_1","upstream":["CVE-2023-50782"]}