Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2021:2136-1
HistoryJul 11, 2021 - 12:00 a.m.

Security update for cryptctl (important)

2021-07-1100:00:00
lists.opensuse.org
10
cryptctl
security update
version 2.4

EPSS

0.001

Percentile

47.9%

JSON

An update that fixes one vulnerability is now available.

Description:

This update for cryptctl fixes the following issues:

Update to version 2.4:

  • CVE-2019-18906: Client side password hashing was equivalent to clear
    text password storage (bsc#1186226)
  • First step to use plain text password instead of hashed password.
  • Move repository into the SUSE github organization
  • in RPC server, if client comes from localhost, remember its ipv4
    localhost address instead of ipv6 address
  • tell a record to clear expired pending commands upon saving a command
    result; introduce pending commands RPC test case
  • avoid hard coding 127.0.0.1 in host ID of alive message test; let system
    administrator mount and unmount disks by issuing these two commands on
    key server.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2021-2136=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.3ppc64le< - openSUSE Leap 15.3 (ppc64le x86_64):- openSUSE Leap 15.3 (ppc64le x86_64):.ppc64le.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (ppc64le x86_64):- openSUSE Leap 15.3 (ppc64le x86_64):.x86_64.rpm

Related

osv 1
prion 1
nessus 4
openvas 4
nvd 1
suse 1
cvelist 1
cve 1
osv
osv
cryptctl-2.4-1.1 on GA media
2024-06-15 00:00:00
prion
prion
Authentication flaw
2021-06-30 09:15:00
nessus
nessus
SUSE SLES12 Security Update : cryptctl (SUSE-SU-2021:2137-1)
2021-06-28 00:00:00
openSUSE 15 Security Update : cryptctl (openSUSE-SU-2021:2136-1)
2021-07-16 00:00:00
SUSE SLED15 / SLES15 Security Update : cryptctl (SUSE-SU-2021:2136-1)
2021-06-28 00:00:00
openvas
openvas
openSUSE: Security Advisory for cryptctl (openSUSE-SU-2021:0907-1)
2021-06-25 00:00:00
openSUSE: Security Advisory for cryptctl (openSUSE-SU-2021:2136-1)
2021-07-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2137-1)
2021-06-24 00:00:00
nvd
nvd
CVE-2019-18906
2021-06-30 09:15:07
suse
suse
Security update for cryptctl (important)
2021-06-24 00:00:00
cvelist
cvelist
CVE-2019-18906 cryptctl: client side password hashing is equivalent to clear text password storage
2021-06-30 08:35:12
cve
cve
CVE-2019-18906
2021-06-30 09:15:07

EPSS

0.001

Percentile

47.9%

JSON
Related for OPENSUSE-SU-2021:2136-1
osv1prion1nessus4openvas4nvd1suse1cvelist1cve1