{"affected":[{"ecosystem_specific":{"binaries":[{"libopenssl-3-devel":"3.1.4-150600.5.15.1","libopenssl-3-fips-provider":"3.1.4-150600.5.15.1","libopenssl-3-fips-provider-32bit":"3.1.4-150600.5.15.1","libopenssl3":"3.1.4-150600.5.15.1","libopenssl3-32bit":"3.1.4-150600.5.15.1","openssl-3":"3.1.4-150600.5.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"openssl-3","purl":"pkg:rpm/suse/openssl-3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150600.5.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libopenssl-3-devel":"3.1.4-150600.5.15.1","libopenssl-3-devel-32bit":"3.1.4-150600.5.15.1","libopenssl-3-fips-provider":"3.1.4-150600.5.15.1","libopenssl-3-fips-provider-32bit":"3.1.4-150600.5.15.1","libopenssl3":"3.1.4-150600.5.15.1","libopenssl3-32bit":"3.1.4-150600.5.15.1","openssl-3":"3.1.4-150600.5.15.1","openssl-3-doc":"3.1.4-150600.5.15.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"openssl-3","purl":"pkg:rpm/opensuse/openssl-3&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150600.5.15.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for openssl-3 fixes the following issues:\n\n- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)\n\nOther fixes:    \n    \n- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365).\n- FIPS: RSA keygen PCT requirements.\n- FIPS: Check that the fips provider is available before setting\n  it as the default provider in FIPS mode (bsc#1220523).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: Block non-Approved Elliptic Curves (bsc#1221786).\n- FIPS: Service Level Indicator (bsc#1221365).\n- FIPS: Output the FIPS-validation name and module version which uniquely\n  identify the FIPS validated module (bsc#1221751).\n- FIPS: Add required selftests: (bsc#1221760).\n- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821).\n- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827).\n- FIPS: Zero initialization required (bsc#1221752).\n- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696).\n- FIPS: NIST SP 800-56Brev2 (bsc#1221824).\n- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: NIST SP 800-56Arev3 (bsc#1221822).\n- FIPS: Error state has to be enforced (bsc#1221753).\n","id":"SUSE-SU-2024:3106-1","modified":"2024-09-03T15:00:41Z","published":"2024-09-03T15:00:41Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243106-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220523"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220690"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220693"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220696"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221365"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221751"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221752"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221753"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221760"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221786"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221787"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221821"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221822"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221824"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221827"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229465"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-6119"}],"related":["CVE-2024-6119"],"summary":"Security update for openssl-3","upstream":["CVE-2024-6119"]}