[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98250

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2016:1228-1 -- Suse openssl

ID: oval:org.secpod.oval:def:400727Date: (C)2016-12-27   (M)2017-11-27
Class: PATCHFamily: unix




This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - bsc#976943: Buffer overrun in ASN1_parse - bsc#977621: Preserve negotiated digests for SNI - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode

Platform:
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 12
Product:
openssl
Reference:
SUSE-SU-2016:1228-1
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
CVE    5
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
...
CPE    47
cpe:/o:suse:suse_linux_enterprise_server:12
cpe:/o:redhat:enterprise_linux_hpc_node:7.0
cpe:/o:suse:suse_linux_enterprise_desktop:12
cpe:/o:apple:mac_os_x:10.11.5
...

© 2013 SecPod Technologies