pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 886506 from security:tls

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/886506
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=24
This commit is contained in:
Dominique Leuenberger 2021-04-19 19:06:14 +00:00 committed by Git OBS Bridge
commit 9119842a93
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openssl-1_1.changes
View File

@ -6,6 +6,7 @@ Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <jsikes@suse.com>
the X509_V_FLAG_X509_STRICT flag. This flag enables additional the X509_V_FLAG_X509_STRICT flag. This flag enables additional
security checks of the certificates present in a certificate security checks of the certificates present in a certificate
chain. It is not set by default. ([CVE-2021-3450]) chain. It is not set by default. ([CVE-2021-3450])
[bsc#1183851]
* Fixed an issue where an OpenSSL TLS server may crash if sent a * Fixed an issue where an OpenSSL TLS server may crash if sent a
maliciously crafted renegotiation ClientHello message from a maliciously crafted renegotiation ClientHello message from a
@ -18,6 +19,7 @@ Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <jsikes@suse.com>
A server is only vulnerable if it has TLSv1.2 and renegotiation A server is only vulnerable if it has TLSv1.2 and renegotiation
enabled (which is the default configuration). OpenSSL TLS enabled (which is the default configuration). OpenSSL TLS
clients are not impacted by this issue. ([CVE-2021-3449]) clients are not impacted by this issue. ([CVE-2021-3449])
[bsc#1183852]
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Mar 2 19:40:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com> Tue Mar 2 19:40:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com>