Oval Definition:oval:org.opensuse.security:def:67082
Revision Date:2021-03-25Version:1
Title:Security update for openssl-1_1 (Important)
Description:

This update for openssl-1_1 fixes the security issue:

CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue. [bsc#1183852]
Family:unixClass:patch
Status:Reference(s):1172265
1175596
1177472
1178428
1183852
CVE-2017-9103
CVE-2017-9104
CVE-2017-9105
CVE-2017-9106
CVE-2017-9107
CVE-2017-9108
CVE-2017-9109
CVE-2020-14765
CVE-2020-14776
CVE-2020-14789
CVE-2020-14812
CVE-2020-15180
CVE-2021-3449
SUSE-SU-2020:3500-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • libmariadb3-3.1.11-3.22 is installed
  • OR libmariadbprivate-3.1.11-3.22 is installed
  • OR mariadb-connector-c-3.1.11-3.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • adns-1.5.1-3.3 is installed
  • OR libadns-devel-1.5.1-3.3 is installed
  • OR libadns-devel-32bit-1.5.1-3.3 is installed
  • OR libadns1-1.5.1-3.3 is installed
  • OR libadns1-32bit-1.5.1-3.3 is installed
    • BACK