python310-3.10.12-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:13031-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z python310-3.10.12-1.1 on GA media These are all security issues fixed in the python310-3.10.12-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-13031 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-0286/ SUSE CVE CVE-2023-0286 page https://www.suse.com/security/cve/CVE-2023-2650/ SUSE CVE CVE-2023-2650 page openSUSE Tumbleweed python310-3.10.12-1.1 python310-32bit-3.10.12-1.1 python310-curses-3.10.12-1.1 python310-dbm-3.10.12-1.1 python310-idle-3.10.12-1.1 python310-tk-3.10.12-1.1 python310-3.10.12-1.1 as a component of openSUSE Tumbleweed python310-32bit-3.10.12-1.1 as a component of openSUSE Tumbleweed python310-curses-3.10.12-1.1 as a component of openSUSE Tumbleweed python310-dbm-3.10.12-1.1 as a component of openSUSE Tumbleweed python310-idle-3.10.12-1.1 as a component of openSUSE Tumbleweed python310-tk-3.10.12-1.1 as a component of openSUSE Tumbleweed There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. CVE-2023-0286 openSUSE Tumbleweed:python310-3.10.12-1.1 openSUSE Tumbleweed:python310-32bit-3.10.12-1.1 openSUSE Tumbleweed:python310-curses-3.10.12-1.1 openSUSE Tumbleweed:python310-dbm-3.10.12-1.1 openSUSE Tumbleweed:python310-idle-3.10.12-1.1 openSUSE Tumbleweed:python310-tk-3.10.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0286.html CVE-2023-0286 https://bugzilla.suse.com/1207533 SUSE Bug 1207533 https://bugzilla.suse.com/1207569 SUSE Bug 1207569 https://bugzilla.suse.com/1211136 SUSE Bug 1211136 https://bugzilla.suse.com/1211503 SUSE Bug 1211503 https://bugzilla.suse.com/1213146 SUSE Bug 1213146 https://bugzilla.suse.com/1214269 SUSE Bug 1214269 https://bugzilla.suse.com/1218477 SUSE Bug 1218477 https://bugzilla.suse.com/1218967 SUSE Bug 1218967 https://bugzilla.suse.com/1225677 SUSE Bug 1225677 Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low. CVE-2023-2650 openSUSE Tumbleweed:python310-3.10.12-1.1 openSUSE Tumbleweed:python310-32bit-3.10.12-1.1 openSUSE Tumbleweed:python310-curses-3.10.12-1.1 openSUSE Tumbleweed:python310-dbm-3.10.12-1.1 openSUSE Tumbleweed:python310-idle-3.10.12-1.1 openSUSE Tumbleweed:python310-tk-3.10.12-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2650.html CVE-2023-2650 https://bugzilla.suse.com/1211430 SUSE Bug 1211430