Oval Definition:
oval:org.opensuse.security:def:78437
Revision Date
:
2016-09-16
Version
:
1
Title
:
Security update for curl (Moderate)
Description
:
This update for curl fixes the following issues:
Security issues fixed: - CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389) - CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390) - CVE-2016-5421: use of connection struct after free (bsc#991391) - CVE-2016-7141: Fixed incorrect reuse of client certificates with NSS (bsc#997420)
Also the following bug was fixed: - fixing a performance issue (bsc#991746)
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
991389
991390
991391
991746
997420
CVE-2016-5419
CVE-2016-5420
CVE-2016-5421
CVE-2016-7141
SUSE-SU-2016:2330-1
Platform(s)
:
SUSE Linux Enterprise Desktop 12 SP1
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND
Package Information
curl-7.37.0-28.1 is installed
OR
libcurl4-7.37.0-28.1 is installed
OR
libcurl4-32bit-7.37.0-28.1 is installed
BACK