{"affected":[{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"qatengine","purl":"pkg:rpm/suse/qatengine&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"qatlib","purl":"pkg:rpm/suse/qatlib&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"qatzip","purl":"pkg:rpm/suse/qatzip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.0-150500.3.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"qatengine","purl":"pkg:rpm/suse/qatengine&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"qatlib","purl":"pkg:rpm/suse/qatlib&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"qatzip","purl":"pkg:rpm/suse/qatzip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.0-150500.3.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"qatengine","purl":"pkg:rpm/suse/qatengine&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"qatlib","purl":"pkg:rpm/suse/qatlib&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"qatzip","purl":"pkg:rpm/suse/qatzip&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.0-150500.3.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"qatengine","purl":"pkg:rpm/suse/qatengine&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"qatlib","purl":"pkg:rpm/suse/qatlib&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150500.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150500.3.3.1","libqatzip3":"1.1.0-150500.3.2.1","libusdm0":"24.09.0-150500.3.3.1","qatengine":"1.7.0-150500.3.3.1","qatlib":"24.09.0-150500.3.3.1","qatlib-devel":"24.09.0-150500.3.3.1","qatzip":"1.1.0-150500.3.2.1","qatzip-devel":"1.1.0-150500.3.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"qatzip","purl":"pkg:rpm/suse/qatzip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.0-150500.3.2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qatengine, qatlib fixes the following issues:\n\nNote that the 1.6.1 release included in 1.7.0 fixes the following\nvulnerabilities:\n\n  * bsc#1233363 (CVE-2024-28885)\n  * bsc#1233365 (CVE-2024-31074)\n  * bsc#1233366 (CVE-2024-33617)\n\nUpdate to 1.7.0:\n\n  * ipp-crypto name change to cryptography-primitives\n  * QAT_SW GCM memory leak fix in cleanup function\n  * Update limitation section in README for v1.7.0 release\n  * Fix build with OPENSSL_NO_ENGINE\n  * Fix for build issues with qatprovider in qatlib\n  * Bug fixes and README updates to v1.7.0\n  * Remove qat_contig_mem driver support\n  * Add support for building QAT Engine ENGINE and PROVIDER modules\n    with QuicTLS 3.x libraries\n  * Fix for DSA issue with openssl3.2\n  * Fix missing lower bounds check on index i\n  * Enabled SW Fallback support for FBSD\n  * Fix for segfault issue when SHIM config section is unavailable\n  * Fix for Coverity & Resource leak\n  * Fix for RSA failure with SVM enabled in openssl-3.2\n  * SM3 Memory Leak Issue Fix\n  * Fix qatprovider lib name issue with system openssl\n\nUpdate to 1.6.0:\n\n  * Fix issue with make depend for QAT_SW\n  * QAT_HW GCM Memleak fix & bug fixes\n  * QAT2.0 FreeBSD14 intree driver support\n  * Fix OpenSSL 3.2 compatibility issues\n  * Optimize hex dump logging\n  * Clear job tlv on error\n  * QAT_HW RSA Encrypt and Decrypt provider support\n  * QAT_HW AES-CCM Provider support\n  * Add ECDH keymgmt support for provider\n  * Fix QAT_HW SM2 memory leak \n  * Enable qaeMemFreeNonZeroNUMA() for qatlib \n  * Fix polling issue for the process that doesn't have QAT_HW instance\n  * Fix SHA3 qctx initialization issue & potential memleak \n  * Fix compilation error in SM2 with qat_contig_mem \n  * Update year in copyright information to 2024 \n\nUpdate to 1.5.0:\n\n  * use new --enable-qat_insecure_algorithms to avoid regressions\n  * improve support for SM{2,3,4} ciphers\n  * improve SW fallback support\n  * many bug fixes, refactorisations and documentation updates\n\nqatlib was updated to 24.09.0:\n\n  * Improved performance scaling in multi-thread applications\n  * Set core affinity mapping based on NUMA\n    (libnuma now required for building)\n  * bug fixes, see https://github.com/intel/qatlib#resolved-issues\n\nversion update to 24.02.0:\n\n  * Support DC NS (NoSession) APIs\n  * Support Symmetric Crypto SM3 & SM4\n  * Support Asymmetric Crypto SM2\n  * Support DC CompressBound APIs\n  * Bug Fixes. See Resolved section in README.md\n\nupdate to 23.11.0:\n\n  * use new --enable-legacy-algorithms to avoid regressions\n  * add support for data compression chaining (hash then compress)\n  * add support for additional configuration profiles\n  * add support DC NS (NoSession) APIs\n  * add support DC CompressBound APIs\n  * add Support for Chinese SM{2,3,4} ciphers\n  * bump shared library major to 4\n  * refactoring, bug fixes and documentation updates\n\n","id":"SUSE-SU-2025:3943-1","modified":"2025-11-05T08:16:20Z","published":"2025-11-05T08:16:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20253943-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233363"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233365"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233366"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-28885"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-31074"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-33617"}],"related":["CVE-2024-28885","CVE-2024-31074","CVE-2024-33617"],"summary":"Security update for qatengine, qatlib","upstream":["CVE-2024-28885","CVE-2024-31074","CVE-2024-33617"]}