SUSE-SU-2022:2306-1 -- SLES openssl-3, libopenssl-3-devel, libopenssl3| ID: oval:org.secpod.oval:def:89047815 | Date: (C)2022-10-28 (M)2024-05-09 |
| Class: PATCH | Family: unix |
This update for openssl-3 fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. - CVE-2022-1292: Properly sanitise shell metacharacters in c_rehash script. - CVE-2022-1343: Fixed incorrect signature verification in OCSP_basic_verify . - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode . - CVE-2022-1434: Fixed incorrect MAC key used in the RC4-MD5 ciphersuite . - CVE-2022-1473: Fixed resource leakage when decoding certificates and keys .
| Platform: |
| SUSE Linux Enterprise Desktop 15 SP4 |
| SUSE Linux Enterprise Server 15 SP4 |
| Product: |
| openssl-3 |
| libopenssl-3-devel |
| libopenssl3 |
