Overview
Request 393430 accepted
- OpenSSL Security Advisory [3rd May 2016]
* Memory corruption in the ASN.1 encoder
- bsc#977617 (CVE-2016-2108)
* Padding oracle in AES-NI CBC MAC check
- bsc#977616 (CVE-2016-2107)
* EVP_EncodeUpdate overflow
- bsc#977614 (CVE-2016-2105)
* EVP_EncryptUpdate overflow
- bsc#977615 (CVE-2016-2106)
* ASN.1 BIO excessive memory allocation
- bsc#976942 (CVE-2016-2109)
* add patches
+ openssl-CVE-2016-2105.patch
+ openssl-CVE-2016-2106.patch
+ openssl-CVE-2016-2107.patch
+ openssl-CVE-2016-2108.patch
+ openssl-CVE-2016-2109.patch
- Fix buffer overrun in ASN1_parse (bsc#976943)
* add 0001-Fix-buffer-overrun-in-ASN1_parse.patch
- Preserve digests for SNI (bsc#977621)
* add 0001-Preserve-digests-for-SNI.patch
- Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)
* modify openssl-fips-dont-fall-back-to-default-digest.patch
- Created by vitezslav_cizek
- In state accepted
Request History
vitezslav_cizek created request
- OpenSSL Security Advisory [3rd May 2016]
* Memory corruption in the ASN.1 encoder
- bsc#977617 (CVE-2016-2108)
* Padding oracle in AES-NI CBC MAC check
- bsc#977616 (CVE-2016-2107)
* EVP_EncodeUpdate overflow
- bsc#977614 (CVE-2016-2105)
* EVP_EncryptUpdate overflow
- bsc#977615 (CVE-2016-2106)
* ASN.1 BIO excessive memory allocation
- bsc#976942 (CVE-2016-2109)
* add patches
+ openssl-CVE-2016-2105.patch
+ openssl-CVE-2016-2106.patch
+ openssl-CVE-2016-2107.patch
+ openssl-CVE-2016-2108.patch
+ openssl-CVE-2016-2109.patch
- Fix buffer overrun in ASN1_parse (bsc#976943)
* add 0001-Fix-buffer-overrun-in-ASN1_parse.patch
- Preserve digests for SNI (bsc#977621)
* add 0001-Preserve-digests-for-SNI.patch
- Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)
* modify openssl-fips-dont-fall-back-to-default-digest.patch
maintbot accepted review
accepted
maintbot approved review
accepted
AndreasStieger moved maintenance target to openSUSE:Maintenance:5042
AndreasStieger accepted request
ok
