File _patchinfo of Package patchinfo.17570
<patchinfo incident="17570"> <issue tracker="cve" id="2020-1971"/> <issue tracker="bnc" id="1179491">VUL-0: CVE-2020-1971: openssl1,openssl-1_1,openssl-1_0_0: EDIPARTYNAME NULL pointer de-reference (GHSA-q3mv-586c-wxfq)</issue> <issue tracker="bnc" id="1176029">FIPS: openssl: (EC)Diffie-Hellman requirements from SP800-56Arev3 SLE-12-SP5</issue> <issue tracker="bnc" id="1155346">FIPS: openssl: fips_check_rsa: Pairwise consistency test should use SHA2</issue> <issue tracker="bnc" id="1177793">FIPS: [Build 20201014-2] openQA test fails in apache_ssl (fips mode)</issue> <issue tracker="bnc" id="1177479">FIPS: openssl: regression in EC_KEY_check_key</issue> <issue tracker="bnc" id="1177673">Non initialized nid in DH_new_method()</issue> <issue tracker="bnc" id="1177575">[Build 20201012-1] With openssl-1_0_0-1.0.2p-3.21.1 apache2 cannot load mod_ssl.so: undefined symbol: get_rfc3526_prime_8192</issue> <issue tracker="jsc" id="SLE-10541"/> <packager>vitezslav_cizek</packager> <rating>important</rating> <category>security</category> <summary>Security update for openssl-1_0_0</summary> <description>This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491). - Initialized dh->nid to NID_undef in DH_new_method() (bsc#1177673). - Fixed a test failure in apache_ssl in fips mode (bsc#1177793). - Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_prime_* (bsc#1177575). - Restored private key check in EC_KEY_check_key (bsc#1177479). - Added shared secret KAT to FIPS DH selftest (bsc#1176029). - Included ECDH/DH Requirements from SP800-56Arev3 (bsc#1176029). - Used SHA-2 in the RSA pairwise consistency check (bsc#1155346) </description> </patchinfo>
