Overview

File _patchinfo of Package patchinfo.28463

<patchinfo incident="28463">
  <issue tracker="cve" id="2023-0464"/>
  <issue tracker="bnc" id="1209624">VUL-0: CVE-2023-0464: openssl,openssl-1_0_0,compat-openssl098,openssl1,openssl-3,openssl-1_1:  Excessive Resource Usage Verifying X.509 Policy Constraints</issue>
  <issue tracker="bnc" id="1209878">VUL-0: CVE-2023-0465: openssl-1_1,openssl1,openssl,openssl-1_0_0,openssl-3: Invalid certificate policies in leaf certificates are silently ignored</issue>
  <issue tracker="bnc" id="1209873">VUL-1: CVE-2023-0466: openssl-3,openssl-1_0_0,openssl-1_1,openssl1,openssl: Certificate policy check not enabled</issue>
  <issue tracker="cve" id="2023-0465"/>
  <issue tracker="cve" id="2023-0466"/>
  <packager>ohollmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for openssl-1_1</summary>
  <description>This update for openssl-1_1 fixes the following issues:

- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).
- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places