[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2016:1228-1 -- Suse openssl

ID: oval:org.secpod.oval:def:400727Date: (C)2016-12-27   (M)2017-10-12
Class: PATCHFamily: unix




This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - bsc#976943: Buffer overrun in ASN1_parse - bsc#977621: Preserve negotiated digests for SNI - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode

Platform:
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 12
Product:
openssl
Reference:
SUSE-SU-2016:1228-1
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
CVE    5
CVE-2016-2106
CVE-2016-2107
CVE-2016-2105
CVE-2016-2108
...
CPE    44
cpe:/a:openssl:openssl
cpe:/a:openssl:openssl:1.0.1n
cpe:/o:novell:leap:42.1
cpe:/o:novell:opensuse:13.2
...

© 2013 SecPod Technologies