| Revision Date: | 2021-03-25 | Version: | 1 |
| Title: | Security update for openssl-1_1 (Important) |
| Description: |
This update for openssl-1_1 fixes the following security issue:
CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue. [bsc#1183852]
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1183852
CVE-2021-3449
SUSE-SU-2021:0954-1
|
| Platform(s): | SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
| Definition Synopsis |
| SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information
libopenssl1_1-1.1.1d-2.33.1 is installed
OR libopenssl1_1-32bit-1.1.1d-2.33.1 is installed
OR openssl-1_1-1.1.1d-2.33.1 is installed
|