libasn1-8-7.8.0-3.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12846 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libasn1-8-7.8.0-3.1 on GA media These are all security issues fixed in the libasn1-8-7.8.0-3.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12846 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12846 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-45142/ SUSE CVE CVE-2022-45142 page openSUSE Tumbleweed libasn1-8-7.8.0-3.1 libgssapi3-7.8.0-3.1 libhcrypto4-7.8.0-3.1 libhdb9-7.8.0-3.1 libheimbase1-7.8.0-3.1 libheimdal-devel-7.8.0-3.1 libheimedit0-7.8.0-3.1 libheimntlm0-7.8.0-3.1 libhx509-5-7.8.0-3.1 libkadm5clnt7-7.8.0-3.1 libkadm5srv8-7.8.0-3.1 libkafs0-7.8.0-3.1 libkdc2-7.8.0-3.1 libkrb5-26-7.8.0-3.1 libotp0-7.8.0-3.1 libroken18-7.8.0-3.1 libsl0-7.8.0-3.1 libwind0-7.8.0-3.1 libasn1-8-7.8.0-3.1 as a component of openSUSE Tumbleweed libgssapi3-7.8.0-3.1 as a component of openSUSE Tumbleweed libhcrypto4-7.8.0-3.1 as a component of openSUSE Tumbleweed libhdb9-7.8.0-3.1 as a component of openSUSE Tumbleweed libheimbase1-7.8.0-3.1 as a component of openSUSE Tumbleweed libheimdal-devel-7.8.0-3.1 as a component of openSUSE Tumbleweed libheimedit0-7.8.0-3.1 as a component of openSUSE Tumbleweed libheimntlm0-7.8.0-3.1 as a component of openSUSE Tumbleweed libhx509-5-7.8.0-3.1 as a component of openSUSE Tumbleweed libkadm5clnt7-7.8.0-3.1 as a component of openSUSE Tumbleweed libkadm5srv8-7.8.0-3.1 as a component of openSUSE Tumbleweed libkafs0-7.8.0-3.1 as a component of openSUSE Tumbleweed libkdc2-7.8.0-3.1 as a component of openSUSE Tumbleweed libkrb5-26-7.8.0-3.1 as a component of openSUSE Tumbleweed libotp0-7.8.0-3.1 as a component of openSUSE Tumbleweed libroken18-7.8.0-3.1 as a component of openSUSE Tumbleweed libsl0-7.8.0-3.1 as a component of openSUSE Tumbleweed libwind0-7.8.0-3.1 as a component of openSUSE Tumbleweed The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted. CVE-2022-45142 openSUSE Tumbleweed:libasn1-8-7.8.0-3.1 openSUSE Tumbleweed:libgssapi3-7.8.0-3.1 openSUSE Tumbleweed:libhcrypto4-7.8.0-3.1 openSUSE Tumbleweed:libhdb9-7.8.0-3.1 openSUSE Tumbleweed:libheimbase1-7.8.0-3.1 openSUSE Tumbleweed:libheimdal-devel-7.8.0-3.1 openSUSE Tumbleweed:libheimedit0-7.8.0-3.1 openSUSE Tumbleweed:libheimntlm0-7.8.0-3.1 openSUSE Tumbleweed:libhx509-5-7.8.0-3.1 openSUSE Tumbleweed:libkadm5clnt7-7.8.0-3.1 openSUSE Tumbleweed:libkadm5srv8-7.8.0-3.1 openSUSE Tumbleweed:libkafs0-7.8.0-3.1 openSUSE Tumbleweed:libkdc2-7.8.0-3.1 openSUSE Tumbleweed:libkrb5-26-7.8.0-3.1 openSUSE Tumbleweed:libotp0-7.8.0-3.1 openSUSE Tumbleweed:libroken18-7.8.0-3.1 openSUSE Tumbleweed:libsl0-7.8.0-3.1 openSUSE Tumbleweed:libwind0-7.8.0-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-45142.html CVE-2022-45142 https://bugzilla.suse.com/1208992 SUSE Bug 1208992