SUSE-SU-2016:1228-1 -- Suse opensslID: oval:org.secpod.oval:def:400727 | Date: (C)2016-12-27 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - bsc#976943: Buffer overrun in ASN1_parse - bsc#977621: Preserve negotiated digests for SNI - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode
Platform: |
SUSE Linux Enterprise Desktop 12 |
SUSE Linux Enterprise Server 12 |