[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2016:1233-1 -- Suse openssl

ID: oval:org.secpod.oval:def:400786Date: (C)2016-11-22   (M)2017-11-10
Class: PATCHFamily: unix




This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - bsc#976943: Buffer overrun in ASN1_parse - bsc#977621: Preserve negotiated digests for SNI - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode

Platform:
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Desktop 12 SP1
Product:
openssl
Reference:
SUSE-SU-2016:1233-1
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
CVE    5
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
...
CPE    44
cpe:/a:openssl:openssl:1.0.2a
cpe:/a:openssl:openssl:1.0.2
cpe:/o:google:android:4.3.1
cpe:/o:google:android:4.1.2
...

© 2013 SecPod Technologies