Request 1102939: Submit openssl-1_0_0 - openSUSE Build Service

Overview

Request 1102939 accepted

- Security fix: (bsc#1213853, CVE-2023-3817)
* Fix excessive time spent checking DH q parameter value
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
various checks on DH parameters. After fixing CVE-2023-3446 it
was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A
correct q value, if present, cannot be larger than the modulus
p parameter, thus it is unnecessary to perform these checks if
q is larger than p. If DH_check() is called with such q parameter
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
computationally intensive checks are skipped.
* Add openssl-1_0-CVE-2023-3817.patch

Created by ohollmann 9 months ago
In state accepted

Submit openssl-1_0_0

Comments for request 1102939 0

Login required, please login in order to comment

Request History

ohollmann created request 9 months ago

- Security fix: (bsc#1213853, CVE-2023-3817)
* Fix excessive time spent checking DH q parameter value
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
various checks on DH parameters. After fixing CVE-2023-3446 it
was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A
correct q value, if present, cannot be larger than the modulus
p parameter, thus it is unnecessary to perform these checks if
q is larger than p. If DH_check() is called with such q parameter
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
computationally intensive checks are skipped.
* Add openssl-1_0-CVE-2023-3817.patch

factory-auto added opensuse-review-team as a reviewer 9 months ago

Please review sources

factory-auto accepted review 9 months ago

Check script succeeded

dimstar_suse added as a reviewer 9 months ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:13"

dimstar_suse accepted review 9 months ago

Picked "openSUSE:Factory:Staging:adi:13"

licensedigger accepted review 9 months ago

ok

dimstar accepted review 9 months ago

dimstar_suse accepted review 9 months ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

dimstar_suse approved review 9 months ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

dimstar_suse accepted request 9 months ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

openSUSE Build Service is sponsored by