SUSE-SU-2016:1233-1 -- Suse openssl| ID: oval:org.secpod.oval:def:400786 | Date: (C)2016-11-22 (M)2024-02-19 |
| Class: PATCH | Family: unix |
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - bsc#976943: Buffer overrun in ASN1_parse - bsc#977621: Preserve negotiated digests for SNI - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode
| Platform: |
| SUSE Linux Enterprise Server 12 SP1 |
| SUSE Linux Enterprise Desktop 12 SP1 |
