24 matches found
OESA-2023-1092 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL...
AZL-13302 CVE-2022-4304 affecting package cloud-hypervisor for versions less than 30.0-2
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...
SUSE-SU-2023:0306-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534....
SUSE-SU-2023:0305-2 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534...