Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.690
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.690
<patchinfo incident="690"> <issue id="933911" tracker="bnc">CVE-2015-1791: openssl: race condition in NewSessionTicket</issue> <issue id="926597" tracker="bnc">FIPS: OpenSSL selftest not performed outside of FIPS mode</issue> <issue id="931698" tracker="bnc">openssl: The Logjam Attack / weakdh.org</issue> <issue id="934489" tracker="bnc">CVE-2015-1789: openssl,openssl1: OpenSSL: Exploitable out-of-bounds read in X509_cmp_time</issue> <issue id="933898" tracker="bnc">CVE-2015-3216: openssl: Crash in ssleay_rand_bytes due to locking regression</issue> <issue id="934487" tracker="bnc">:CVE-2015-1788: openssl,openssl1: OpenSSL: Malformed ECParameters causes infinite loop</issue> <issue id="929678" tracker="bnc">:openssl: Timing side channel in RSA decryption</issue> <issue id="934491" tracker="bnc">:CVE-2015-1790 : openssl,openssl1: PKCS7 crash with missing EnvelopedContent</issue> <issue id="934493" tracker="bnc">:CVE-2015-1792: openssl,openssl1: CMS verify infinite loop with unknown hash function</issue> <issue id="CVE-2015-1789" tracker="cve" /> <issue id="CVE-2015-1788" tracker="cve" /> <issue id="CVE-2015-1790" tracker="cve" /> <issue id="CVE-2015-1791" tracker="cve" /> <issue id="CVE-2015-1792" tracker="cve" /> <issue id="CVE-2015-3216" tracker="cve" /> <issue id="CVE-2015-4000" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vitezslav_cizek</packager> <description> This update of openssl fixes the following security issues: - CVE-2015-4000 (bsc#931698) * The Logjam Attack / weakdh.org * reject connections with DH parameters shorter than 1024 bits * generates 2048-bit DH parameters by default - CVE-2015-1788 (bsc#934487) * Malformed ECParameters causes infinite loop - CVE-2015-1789 (bsc#934489) * Exploitable out-of-bounds read in X509_cmp_time - CVE-2015-1790 (bsc#934491) * PKCS7 crash with missing EnvelopedContent - CVE-2015-1792 (bsc#934493) * CMS verify infinite loop with unknown hash function - CVE-2015-1791 (bsc#933911) * race condition in NewSessionTicket - CVE-2015-3216 (bsc#933898) * Crash in ssleay_rand_bytes due to locking regression - fix a timing side channel in RSA decryption (bnc#929678) </description> <summary>Security update for openssl</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor