Overview

File _patchinfo of Package patchinfo.27652

<patchinfo incident="27652">
  <issue tracker="bnc" id="1207536">VUL-0: EMBARGOED: CVE-2023-0215: openssl: Use-after-free following BIO_new_NDEF</issue>
  <issue tracker="bnc" id="1207533">VUL-0: EMBARGOED: CVE-2023-0286: openssl: X.400 address type confusion in X.509 GeneralName</issue>
  <issue tracker="bnc" id="1207534">VUL-0: EMBARGOED: CVE-2022-4304: openssl: Timing Oracle in RSA Decryption</issue>
  <issue tracker="cve" id="2023-0215"/>
  <issue tracker="cve" id="2022-4304"/>
  <issue tracker="cve" id="2023-0286"/>
  <packager>ohollmann</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openssl-1_1</summary>
  <description>This update for openssl-1_1 fixes the following issues:

- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places