Security update for compat-openssl098
This update for compat-openssl098 fixes the following issues:
Security issue fixed:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
Non security issue fixed:
- Prevent segfault in s_client with invalid options (bsc#952099)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Vítězslav Čížek (vitezslav_cizek)
Fixed bugs
bnc#957812
VUL-0: CVE-2015-3195: openssl: X509_ATTRIBUTE memory leak
bnc#952099
openssl s_client segfaults with typo in options, LTSS customer
