SUSE-SU-2022:2306-1 -- SLES openssl-3, libopenssl-3-devel, libopenssl3ID: oval:org.secpod.oval:def:89047815 | Date: (C)2022-10-28 (M)2024-05-09 |
Class: PATCH | Family: unix |
This update for openssl-3 fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. - CVE-2022-1292: Properly sanitise shell metacharacters in c_rehash script. - CVE-2022-1343: Fixed incorrect signature verification in OCSP_basic_verify . - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode . - CVE-2022-1434: Fixed incorrect MAC key used in the RC4-MD5 ciphersuite . - CVE-2022-1473: Fixed resource leakage when decoding certificates and keys .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
Product: |
openssl-3 |
libopenssl-3-devel |
libopenssl3 |