Oval Definition:	oval:org.opensuse.security:def:20155291
Revision Date: 2022-06-30 Version: 1 Title: CVE-2015-5291 Description: Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-5291 Mitre CVE-2015-5291 SUSE CVE-2015-5291 openSUSE-SU-2015:2257-1 openSUSE-SU-2015:2371-1 Platform(s): openSUSE 13.2 openSUSE Leap 42.1 openSUSE Leap 42.2 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE 13.2 is installed AND Package Information libpolarssl7-1.3.9-11.1 is installed OR polarssl-1.3.9-11.1 is installed OR polarssl-devel-1.3.9-11.1 is installed Definition Synopsis openSUSE Leap 42.2 is installed AND Package Information libmbedtls9-1.3.17-13.1 is installed AND libmbedtls9 is signed with openSUSE key Definition Synopsis openSUSE Leap 42.1 is installed AND Package Information libmbedtls9-1.3.15-6.1 is installed AND libmbedtls9 is signed with openSUSE key OR libmbedtls9-32bit-1.3.15-6.1 is installed AND libmbedtls9-32bit is signed with openSUSE key OR mbedtls-1.3.15-6.1 is installed AND mbedtls is signed with openSUSE key OR mbedtls-devel-1.3.15-6.1 is installed AND mbedtls-devel is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND Package Information libmbedcrypto0-2.4.0-1.2 is installed OR libmbedcrypto0-32bit-2.4.0-1.2 is installed OR libmbedtls10-2.4.0-1.2 is installed OR libmbedtls10-32bit-2.4.0-1.2 is installed OR libmbedx509-0-2.4.0-1.2 is installed OR libmbedx509-0-32bit-2.4.0-1.2 is installed OR mbedtls-devel-2.4.0-1.2 is installed
BACK