Lucene search
SuseOPENSUSE-SU-2021:0397-1HistoryMar 09, 2021 - 12:00 a.m.
Security update for mbedtls (moderate)
2021-03-0900:00:00
lists.opensuse.org
12
mbedtls
update
vulnerability
ecc code
side channel
opensuse
yast
zypper
patch
sle-15-sp2
EPSS
0.001
Percentile
23.7%
An update that fixes one vulnerability is now available.
Description:
This update for mbedtls fixes the following issues:
- mbedtls was updated to version 2.16.9
- CVE-2020-10932: Fixed side channel in ECC code that allowed an
adversary with access to precise enough timing and memory access
information (typically an untrusted operating system attacking a
secure enclave) to fully recover an ECDSA private key (boo#1181468).
- CVE-2020-10932: Fixed side channel in ECC code that allowed an
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2021-397=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP2 | aarch64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP2 | ppc64le | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP2 | s390x | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
| openSUSE Backports SLE | 15-SP2 | x86_64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
| openSUSE Backports SLE | 15-SP2 | aarch64_ilp32 | - opensuse backports sle | < 15-SP2 (aarch64_ilp32): | - openSUSE Backports SLE-15-SP2 (aarch64_ilp32):.aarch64_ilp32.rpm |
Related
suse
suse
Security update for mbedtls (moderate)
2021-03-05 00:00:00
veracode
veracode
Information Disclosure
2020-08-06 21:34:04
debiancve
debiancve
CVE-2020-10932
2020-04-15 14:15:20
cve
cve
CVE-2020-10932
2020-04-15 14:15:20
nvd
nvd
CVE-2020-10932
2020-04-15 14:15:20
openvas
openvas
Fedora: Security Advisory for mbedtls (FEDORA-2020-9a6e8e63e9)
2020-06-07 00:00:00
Fedora: Security Advisory for mbedtls (FEDORA-2020-42564738a1)
2020-06-07 00:00:00
Mageia: Security Advisory (MGASA-2020-0265)
2022-01-28 00:00:00
freebsd
freebsd
Mbed TLS -- Side channel attack on ECDSA
2020-04-14 00:00:00
nessus
nessus
FreeBSD : Mbed TLS -- Side channel attack on ECDSA (bf1f47c4-7f1b-11ea-bf94-001cc0382b2f)
2020-04-16 00:00:00
Fedora 32 : mbedtls (2020-9a6e8e63e9)
2020-06-05 00:00:00
Fedora 31 : mbedtls (2020-42564738a1)
2020-06-05 00:00:00
cvelist
cvelist
CVE-2020-10932
2020-04-15 00:00:00
ubuntucve
ubuntucve
CVE-2020-10932
2020-04-15 00:00:00
archlinux
archlinux
[ASA-202007-5] mbedtls: private key recovery
2020-07-31 00:00:00
alpinelinux
alpinelinux
CVE-2020-10932
2020-04-15 14:15:20
osv
osv
CVE-2020-10932
2020-04-15 14:15:20
mbedtls - security update
2022-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: mbedtls-2.16.6-1.fc31
2020-06-05 02:40:45
[SECURITY] Fedora 32 Update: mbedtls-2.16.6-1.fc32
2020-06-05 02:30:55
prion
prion
Design/Logic Flaw
2020-04-15 14:15:00
mageia
mageia
Updated mbedtls packages fix security vulnerability
2020-06-16 10:45:15
debian
debian
[SECURITY] [DLA 3249-1] mbedtls security update
2022-12-25 23:33:58