Overview

File _patchinfo of Package patchinfo.32074

<patchinfo incident="32074">
  <issue tracker="bnc" id="1218810">VUL-0: CVE-2023-6237: openssl-3: Excessive time spent checking invalid RSA public keys</issue>
  <issue tracker="bnc" id="1218690">VUL-0: CVE-2023-6129: openssl-3: POLY1305 MAC implementation corrupts vector registers on PowerPC</issue>
  <issue tracker="cve" id="2023-6129"/>
  <issue tracker="cve" id="2023-6237"/>
  <issue tracker="bnc" id="1219243">VUL-0: CVE-2024-0727: compat-openssl098,openssl,openssl-1_0_0,openssl-1_1,openssl-1_1-livepatches,openssl-3,openssl1: openssl: denial of service via null dereference</issue>
  <issue tracker="cve" id="2024-0727"/>
  <packager>ohollmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for openssl-3</summary>
  <description>This update for openssl-3 fixes the following issues:

- CVE-2023-6129: Fixed vector register clobbering on PowerPC. (bsc#1218690)
- CVE-2023-6237: Fixed excessive time spent checking invalid RSA public keys. (bsc#1218810)
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places