SUSE-SU-2016:1290-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2016/suse-su-20161290-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:1290-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:1290-1

Related

Published

2016-05-12T14:57:49Z

Modified

2016-05-12T14:57:49Z

Summary

Security update for openssl

Details

This update for openssl fixes the following issues:

Security issues fixed: - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617) - CVE-2016-2105: EVPEncodeUpdate overflow (bsc#977614) - CVE-2016-2106: EVPEncryptUpdate overflow (bsc#977615) - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942) - CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)

Bugs fixed: - fate#320304: build 32bit devel package - bsc#976943: Fix buffer overrun in ASN1parse - bsc#973223: allow weak DH groups, vulnerable to the logjam attack, when environment variable OPENSSLALLOWLOGJAMATTACK is set - bsc#889013: Rename README.SuSE to the new spelling

References

Affected packages

SUSE:Linux Enterprise Software Development Kit 11 SP4 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl-devel-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:OpenStack Cloud 5 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Manager 2.1 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Manager%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Manager Proxy 2.1 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Manager%20Proxy%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-LTSS / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1",
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-x86": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl0_9_8": "0.9.8j-0.97.1",
            "openssl-doc": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-hmac": "0.9.8j-0.97.1",
            "openssl": "0.9.8j-0.97.1",
            "libopenssl0_9_8-32bit": "0.9.8j-0.97.1",
            "libopenssl0_9_8-x86": "0.9.8j-0.97.1"
        }
    ]
}

SUSE:Studio Onsite 1.3 / openssl

Package

Name: openssl
Purl: purl:rpm/suse/openssl&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.8j-0.97.1

Ecosystem specific

{
    "binaries": [
        {
            "libopenssl-devel": "0.9.8j-0.97.1"
        }
    ]
}