Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="5070">
  <issue id="977584" tracker="bnc">VUL-0: [TRACKERBUG] openssl: 2016-05-03 security releases</issue>
  <issue id="978492" tracker="bnc">VUL-0: libressl: 2016-05-03 security releases</issue>
  <issue id="957815" tracker="bnc">VUL-0: CVE-2015-3194: openssl: Certificate verify crash with missing PSS parameter</issue>
  <issue id="957812" tracker="bnc">VUL-0: CVE-2015-3195: openssl: X509_ATTRIBUTE memory leak</issue>
  <issue id="950707" tracker="bnc">VUL-0: CVE-2015-5333: libressl: Memory Leak</issue>
  <issue id="950708" tracker="bnc">VUL-0: CVE-2015-5334: libressl: Buffer Overflow</issue>
  <issue id="CVE-2015-5334" tracker="cve" />
  <issue id="CVE-2015-3194" tracker="cve" />
  <issue id="CVE-2015-3195" tracker="cve" />
  <issue id="CVE-2015-5333" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jengelh</packager>
  <description>
This libressl update to version 2.2.7 fixes the following issues:

Security issues fixed:
- Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding. [boo#978492, boo#977584]
- CVE-2015-3194: Certificate verify crash with missing PSS parameter (boo#957815)
- CVE-2015-3195: X509_ATTRIBUTE memory leak (boo#957812)
- CVE-2015-5333: Memory Leak (boo#950707)
- CVE-2015-5334: Buffer Overflow (boo#950708)
</description>
  <summary>Security update for libressl</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places