2 matches found
MGASA-2021-0176 Updated openssl packages fix security vulnerability
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...
OPENSUSE-SU-2020:2269-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...