Overview Details

File _patchinfo of Package patchinfo

<patchinfo>
  <category>security</category>
  <rating>important</rating>
  <packager>mkubecek</packager>
  <summary>Security update for libopenssl0_9_8</summary>
  <description>
This update for libopenssl0_9_8 fixes the following issues:

- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
- CVE-2016-0702: Side channel attack on modular exponentiation "CacheBleed" (bsc#968050)
- bsc#976943: Buffer overrun in ASN1_parse

and updates the package to version 0.9.8zh which collects many other
fixes, including security ones.
</description>
  <issue tracker="cve" id="2015-3197"/>
  <issue tracker="cve" id="2016-0702"/>
  <issue tracker="cve" id="2016-0797"/>
  <issue tracker="cve" id="2016-0799"/>
  <issue tracker="cve" id="2016-0800"/>
  <issue tracker="cve" id="2016-2105"/>
  <issue tracker="cve" id="2016-2106"/>
  <issue tracker="cve" id="2016-2108"/>
  <issue tracker="cve" id="2016-2109"/>
  <issue tracker="bnc" id="968046"/>
  <issue tracker="bnc" id="968374"/>
  <issue tracker="bnc" id="968048"/>
  <issue tracker="bnc" id="968050"/>
  <issue tracker="bnc" id="963415"/>
  <issue tracker="bnc" id="976942"/>
  <issue tracker="bnc" id="976943"/>
  <issue tracker="bnc" id="977614"/>
  <issue tracker="bnc" id="977615"/>
  <issue tracker="bnc" id="977617"/>
</patchinfo>
openSUSE Build Service is sponsored by
Places