Oval Definition:oval:org.opensuse.security:def:78875
Revision Date:2017-02-10Version:1
Title:Security update for openssl (Moderate)
Description:



This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)

Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results (bsc#1009528) - CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085) - CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64 (bsc#1022086) - Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912)

Non-security issues fixed: - fix crash in openssl speed (bsc#1000677) - fix X509_CERT_FILE path (bsc#1022271) - AES XTS key parts must not be identical in FIPS mode (bsc#1019637)
Family:unixClass:patch
Status:Reference(s):1000677
1001912
1009528
1019637
1021641
1022085
1022086
1022271
CVE-2016-7055
CVE-2017-3731
CVE-2017-3732
SUSE-SU-2017:0441-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-59.1 is installed
  • OR libopenssl1_0_0-1.0.2j-59.1 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-59.1 is installed
  • OR openssl-1.0.2j-59.1 is installed
    • BACK