Overview

File _patchinfo of Package patchinfo.28534

<patchinfo incident="28534">
  <issue tracker="bnc" id="1209878">VUL-0: CVE-2023-0465: openssl-1_1,openssl1,openssl,openssl-1_0_0,openssl-3: Invalid certificate policies in leaf certificates are silently ignored</issue>
  <issue tracker="bnc" id="1209873">VUL-1: CVE-2023-0466: openssl-3,openssl-1_0_0,openssl-1_1,openssl1,openssl: Certificate policy check not enabled</issue>
  <issue tracker="bnc" id="1210060">openssl-3 FTBFS 2023-03-30</issue>
  <issue tracker="cve" id="2023-0465"/>
  <issue tracker="cve" id="2023-0466"/>
  <packager>ohollmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for openssl-3</summary>
  <description>This update for openssl-3 fixes the following issues:

- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).
- Update further expiring certificates that affect tests (bsc#1210060)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places