Oval Definition:	oval:org.opensuse.security:def:201718187
Revision Date: 2021-10-24 Version: 1 Title: CVE-2017-18187 Description: In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-18187 openSUSE-SU-2018:0488-1 openSUSE-SU-2018:0491-1 Mitre CVE-2017-18187 SUSE CVE-2017-18187 openSUSE-SU-2018:0488-1 openSUSE-SU-2018:0491-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information libmbedtls9-1.3.19-21 is installed AND libmbedtls9 is signed with openSUSE key OR libmbedtls9-32bit-1.3.19-21 is installed AND libmbedtls9-32bit is signed with openSUSE key OR mbedtls-1.3.19-21 is installed AND mbedtls is signed with openSUSE key OR mbedtls-devel-1.3.19-21 is installed AND mbedtls-devel is signed with openSUSE key Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information libmbedtls9-1.3.19-11 is installed OR libmbedtls9-32bit-1.3.19-21 is installed OR mbedtls-1.3.19-11 is installed OR mbedtls-devel-1.3.19-11 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information libmbedtls9-1.3.19-11.1 is installed OR mbedtls-devel-1.3.19-11.1 is installed
BACK