SUSE-CU-2020:735-1: Recommended update of suse/sle15

[sle-updates at lists.suse.com]

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:735-1
Container Tags        : suse/sle15:15.1 , suse/sle15:15.1.6.2.358
Container Release     : 6.2.358
Severity              : moderate
Type                  : recommended
References            : 1158499 1160158 1161198 1161203 1163569 1165281 1165534 1166848
                        1175847 1177479 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3560-1
Released:    Mon Nov 30 12:21:34 2020
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1158499,1160158,1161198,1161203,1163569,1165281,1165534,1166848,1175847,1177479
This update for openssl-1_1 fixes the following issues:

This update backports various bugfixes for FIPS:

- Restore private key check in EC_KEY_check_key [bsc#1177479]
- Add shared secret KAT to FIPS DH selftest [bsc#1175847]
- Include ECDH/DH Requirements from SP800-56Arev3 [bsc#1175847]
- Fix locking issue uncovered by python testsuite (bsc#1166848)
- Fix the sequence of locking operations in FIPS mode [bsc#1165534]
- Fix deadlock in FIPS rand code (bsc#1165281)
- Fix wrong return values of FIPS DSA and ECDH selftests (bsc#1163569)
- Fix FIPS DRBG without derivation function (bsc#1161198)
- Allow md5_sha1 in FIPS mode to enable TLS 1.0 (bsc#1161203)
- Obsolete libopenssl-1_0_0-hmac for a clean upgrade from SLE-12
  (bsc#1158499)

- Restore the EVP_PBE_scrypt() behavior from before the KDF patch
  by treating salt=NULL as salt='' (bsc#1160158)