Описание
Recommended update for openssl
This update of openssl fixes a regression caused by the security fix for CVE-2015-0287, after which DSA keys could occasionaly not loaded from disk. (bsc#937492)
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
SUSE Linux Enterprise Desktop 11 SP4
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP1-LTSS
libopenssl-devel-0.9.8j-0.74.1
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP1-TERADATA
libopenssl-devel-0.9.8j-0.74.1
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP2-LTSS
libopenssl-devel-0.9.8j-0.74.1
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP3
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
libopenssl0_9_8-x86-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
libopenssl0_9_8-x86-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server 11 SP4
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
libopenssl0_9_8-x86-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
libopenssl0_9_8-x86-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libopenssl0_9_8-0.9.8j-0.74.1
libopenssl0_9_8-32bit-0.9.8j-0.74.1
libopenssl0_9_8-hmac-0.9.8j-0.74.1
libopenssl0_9_8-hmac-32bit-0.9.8j-0.74.1
libopenssl0_9_8-x86-0.9.8j-0.74.1
openssl-0.9.8j-0.74.1
openssl-doc-0.9.8j-0.74.1
SUSE Linux Enterprise Software Development Kit 11 SP3
libopenssl-devel-0.9.8j-0.74.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libopenssl-devel-0.9.8j-0.74.1
SUSE Studio Onsite 1.3
libopenssl-devel-0.9.8j-0.74.1
Ссылки
- Link for SUSE-RU-2015:1469-1
- E-Mail link for SUSE-RU-2015:1469-1
- SUSE Security Ratings
- SUSE Bug 937492
- SUSE CVE CVE-2015-0287 page
Описание
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.74.1
SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.74.1
SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.74.1
SUSE Linux Enterprise Desktop 11 SP4:libopenssl0_9_8-0.9.8j-0.74.1
Ссылки
- CVE-2015-0287
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922499
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 968888
- SUSE Bug 991722