Accepting request 886496 from home:jsikes:branches:security:tls

Added bsc numbers to changelog. OBS-URL: https://build.opensuse.org/request/show/886496 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=92
2021-04-18 23:41:13 +00:00 · 2021-04-18 23:41:13 +00:00 · 7d266d26c5
commit 7d266d26c5
parent abf147163e
1 changed files with 2 additions and 0 deletions
--- a/openssl-1_1.changes
+++ b/openssl-1_1.changes
@ -6,6 +6,7 @@ Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <jsikes@suse.com>
    the X509_V_FLAG_X509_STRICT flag. This flag enables additional
    security checks of the certificates present in a certificate
    chain. It is not set by default. ([CVE-2021-3450])
+    [bsc#1183851]

  * Fixed an issue where an OpenSSL TLS server may crash if sent a
    maliciously crafted renegotiation ClientHello message from a
@ -18,6 +19,7 @@ Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <jsikes@suse.com>
    A server is only vulnerable if it has TLSv1.2 and renegotiation
    enabled (which is the default configuration). OpenSSL TLS
    clients are not impacted by this issue. ([CVE-2021-3449])
+    [bsc#1183852]

 -------------------------------------------------------------------
 Tue Mar  2 19:40:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com>