Overview

File _patchinfo of Package patchinfo.1345

<patchinfo>
  <issue id="802648" tracker="bnc">VUL-0: CVE-2013-0169: openssl 1.0.1d/1.0.0k/0.9.8y release (lucky thirteen 13)</issue>
  <issue id="802746" tracker="bnc">VUL-0: CVE-2013-0166: openssl: OCSP invalid key DoS issue</issue>
  <issue id="757773" tracker="bnc">ldap-client yast module requires certificates with "*.pem" name schema</issue>
  <issue id="CVE-2012-0027" tracker="cve" />
  <issue id="CVE-2011-4577" tracker="cve" />
  <issue id="CVE-2011-4576" tracker="cve" />
  <issue id="CVE-2012-1165" tracker="cve" />
  <issue id="CVE-2011-4108" tracker="cve" />
  <issue id="CVE-2013-0166" tracker="cve" />
  <issue id="CVE-2012-0050" tracker="cve" />
  <issue id="CVE-2012-2686" tracker="cve" />
  <issue id="CVE-2012-2110" tracker="cve" />
  <issue id="CVE-2013-0169" tracker="cve" />
  <issue id="CVE-2012-0884" tracker="cve" />
  <issue id="CVE-2011-4619" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>msmeissn</packager>
  <description>
  openssl was updated to 1.0.0k security release 
  to fix bugs and security issues. (bnc#802648 bnc#802746)
  
  The version was upgraded to avoid backporting the large fixes for
  SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)
  TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686)
  OCSP invalid key DoS issue (CVE-2013-0166)

  Also the following bugfix was included:
  bnc#757773 - c_rehash to accept more filename extensions
</description>
  <summary>openssl: security and bugfix update to 1.0.0k</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places