Overview

Request 393469 accepted

- OpenSSL Security Advisory [3rd May 2016]
* Memory corruption in the ASN.1 encoder
- bsc#977617 (CVE-2016-2108)
* EVP_EncodeUpdate overflow
- bsc#977614 (CVE-2016-2105)
* EVP_EncryptUpdate overflow
- bsc#977615 (CVE-2016-2106)
* ASN.1 BIO excessive memory allocation
- bsc#976942 (CVE-2016-2109)
* add patches
+ openssl-CVE-2016-2105.patch
+ openssl-CVE-2016-2106.patch
+ openssl-CVE-2016-2108.patch
+ openssl-CVE-2016-2109.patch
- Fix side channel attack on modular exponentiation
* "CacheBleed" (bsc#968050)
* add openssl-CVE-2016-0702.patch
- Fix buffer overrun in ASN1_parse (bsc#976943)
* add 0001-Fix-buffer-overrun-in-ASN1_parse.patch

Request History
Vítězslav Čížek's avatar

vitezslav_cizek created request

- OpenSSL Security Advisory [3rd May 2016]
* Memory corruption in the ASN.1 encoder
- bsc#977617 (CVE-2016-2108)
* EVP_EncodeUpdate overflow
- bsc#977614 (CVE-2016-2105)
* EVP_EncryptUpdate overflow
- bsc#977615 (CVE-2016-2106)
* ASN.1 BIO excessive memory allocation
- bsc#976942 (CVE-2016-2109)
* add patches
+ openssl-CVE-2016-2105.patch
+ openssl-CVE-2016-2106.patch
+ openssl-CVE-2016-2108.patch
+ openssl-CVE-2016-2109.patch
- Fix side channel attack on modular exponentiation
* "CacheBleed" (bsc#968050)
* add openssl-CVE-2016-0702.patch
- Fix buffer overrun in ASN1_parse (bsc#976943)
* add 0001-Fix-buffer-overrun-in-ASN1_parse.patch


Maintenance Bot's avatar

maintbot added openSUSE:13.1 as a reviewer

Submission by someone who is not maintainer in the devel project. Please review


Maintenance Bot's avatar

maintbot accepted review

accepted


Andreas Stieger's avatar

AndreasStieger accepted request

starting update

openSUSE Build Service is sponsored by