Overview

File _patchinfo of Package patchinfo.28040

<patchinfo incident="28040">
  <issue tracker="cve" id="2023-0464"/>
  <issue tracker="bnc" id="1202062">L3-Question: openssl: FIPS additional checks fail with existing key</issue>
  <issue tracker="bnc" id="1209624">VUL-0: CVE-2023-0464: openssl,openssl-1_0_0,compat-openssl098,openssl1,openssl-3,openssl-1_1:  Excessive Resource Usage Verifying X.509 Policy Constraints</issue>
  <packager>ohollmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for openssl-1_0_0</summary>
  <description>This update for openssl-1_0_0 fixes the following issues:

Security fixes:

- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).

Other fixes:

- Fix DH key generation in FIPS mode, add support for constant BN for DH parameters (bsc#1202062)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places