Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-12-SP1:GA
patchinfo.3234
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3234
<patchinfo incident="3234"> <issue id="995075" tracker="bnc">L3: sshd: fatal: cannot read from /dev/urandom, Interrupted system call</issue> <issue id="993819" tracker="bnc">VUL-1: CVE-2016-2182: openssl: Check for errors in BN_bn2dec()</issue> <issue id="999666" tracker="bnc">VUL-0: CVE-2016-6304: openssl: OCSP Status Request extension unbounded memory growth</issue> <issue id="999665" tracker="bnc">VUL-0: [TRACKERBUG]: openssl: Security Advisory [22 Sep 2016]</issue> <issue id="994749" tracker="bnc">VUL-0: CVE-2016-2181: openssl: Fix DTLS replay protection</issue> <issue id="999668" tracker="bnc">VUL-0: CVE-2016-6306: openssl: Certificate message OOB reads</issue> <issue id="998190" tracker="bnc">null pointer in openssl</issue> <issue id="983249" tracker="bnc">VUL-1: CVE-2016-2178: openssl: Fix DSA, preserve BN_FLG_CONSTTIME</issue> <issue id="982745" tracker="bnc">SLES 12 SP1 - openssl libcrypto performance issue</issue> <issue id="982575" tracker="bnc">VUL-1: CVE-2016-2177: openssl: Avoid some undefined pointer arithmetic</issue> <issue id="995359" tracker="bnc">VUL-0: CVE-2016-2183: openssl: Birthday attacks on 64-bit block ciphers aka triple-des (SWEET32)</issue> <issue id="990419" tracker="bnc">VUL-1: CVE-2016-2180: openssl: OOB read in TS_OBJ_print_bio()</issue> <issue id="994844" tracker="bnc">VUL-0: CVE-2016-2179: openssl1,openssl,compat-openssl098: remote denial of service via DTLS Finished Message</issue> <issue id="979475" tracker="bnc">openssl cms-test.pl failing due to expired certificates</issue> <issue id="995377" tracker="bnc">VUL-0: CVE-2016-6303: openssl: Avoid overflow in MDC2_Update</issue> <issue id="988591" tracker="bnc">openSSL failure with large file transfers</issue> <issue id="995324" tracker="bnc">VUL-1: CVE-2016-6302: openssl: Sanity check ticket length.</issue> <issue id="2016-6302" tracker="cve" /> <issue id="2016-6303" tracker="cve" /> <issue id="2016-6304" tracker="cve" /> <issue id="2016-2179" tracker="cve" /> <issue id="2016-6306" tracker="cve" /> <issue id="2016-2178" tracker="cve" /> <issue id="2016-2177" tracker="cve" /> <issue id="2016-2182" tracker="cve" /> <issue id="2016-2183" tracker="cve" /> <issue id="2016-2180" tracker="cve" /> <issue id="2016-2181" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vitezslav_cizek</packager> <description> This update for openssl fixes the following issues: OpenSSL Security Advisory [22 Sep 2016] (bsc#999665) Severity: High * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666) Severity: Low * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575) * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249) * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844) * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419) * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749) * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819) * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359) * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324) * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377) * Certificate message OOB reads (CVE-2016-6306) (bsc#999668) More information can be found on: https://www.openssl.org/news/secadv/20160922.txt Also following bugs were fixed: * update expired S/MIME certs (bsc#979475) * improve s390x performance (bsc#982745) * allow >= 64GB AESGCM transfers (bsc#988591) * fix crash in print_notice (bsc#998190) * resume reading from /dev/urandom when interrupted by a signal (bsc#995075) </description> <summary>Security update for openssl</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor