SUSE-SU-2017:0441-1 -- SLES openssl, libopenssl-devel, libopenssl1_0_0ID: oval:org.secpod.oval:def:89044816 | Date: (C)2021-07-20 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64 - Degrade the 3DES cipher to MEDIUM in SSLv2 Non-security issues fixed: - fix crash in openssl speed - fix X509_CERT_FILE path - AES XTS key parts must not be identical in FIPS mode
Platform: |
SUSE Linux Enterprise Server 12 SP2 |
Product: |
openssl |
libopenssl-devel |
libopenssl1_0_0 |