SUSE-RU-2020:2816-1: moderate: Recommended update for libica

sle-updates at lists.suse.com sle-updates at lists.suse.com
Thu Oct 1 07:15:51 MDT 2020


   SUSE Recommended Update: Recommended update for libica
______________________________________________________________________________

Announcement ID:    SUSE-RU-2020:2816-1
Rating:             moderate
References:         #1175277 #1175356 #1175357 
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15-SP2
______________________________________________________________________________

   An update that has three recommended fixes can now be
   installed.

Description:

   This update for libica fixes the following issues:

   Various FIPS related fixes have been applied:

   - Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
   - Fix FIPS hmac check (bsc#1175356).
     * Update FIPS support to upstream
     * FIPS check should fail when hmac is missing
       - Create an hmac for the selftest
       - Check that selftest fails without a hmac
       - Hash libica.so.3 rather than libica.so.3.6.0
   - Fix Some internal variables used to store sensitive information (keys)
     were not zeroized before returning to the calling application.
     (bsc#1175357)


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2020-2816=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15-SP2 (s390x):

      libica-debugsource-3.6.0-5.3.1
      libica-devel-3.6.0-5.3.1
      libica-devel-static-3.6.0-5.3.1
      libica-tools-3.6.0-5.3.1
      libica-tools-debuginfo-3.6.0-5.3.1
      libica3-3.6.0-5.3.1
      libica3-debuginfo-3.6.0-5.3.1


References:

   https://bugzilla.suse.com/1175277
   https://bugzilla.suse.com/1175356
   https://bugzilla.suse.com/1175357



More information about the sle-updates mailing list