Overview

File _patchinfo of Package patchinfo.4386

<patchinfo incident="4386">
  <packager>jengelh</packager>
  <issue tracker="cve" id="CVE-2015-3194"></issue>
  <issue tracker="cve" id="CVE-2015-3195"></issue>
  <issue tracker="bnc" id="958768"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for libressl</summary>
  <description>LibreSSL was updated to fix two security issues inherited from OpenSSL.

The following vulnerabilities were fixed:

* CVE-2015-3194: NULL pointer dereference in client side certificate validation
* CVE-2015-3195: Memory leak in PKCS7 - not reachable from TLS/SSL
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places