SUSE_ALP_Standard/patchinfo.20241024132237348105.255638743075857/_patchinfo

<patchinfo incident="201">
  <!-- generated from request(s) 349393 -->
  <issue tracker="bnc" id="1220262">VUL-0: CVE-2023-50782: openssl: consider backporting implicit rejection in PKCS#1 v1.5</issue>
  <issue tracker="bnc" id="1230698">VUL-0: CVE-2024-41996: openssl-1_1,openssl-3: DHEATATTACK: Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers to trigger expensive server-side DHE</issue>
  <issue tracker="cve" id="2023-50782"/>
  <issue tracker="cve" id="2024-41996"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openssl-3</summary>
  <description>This update for openssl-3 fixes the following issues:

- CVE-2024-41996: Fixed a denial of service in the Diffie-Hellman Key Agreement Protocol (bsc#1230698).
- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)
</description>
  <package>openssl-3</package>
  <seperate_build_arch/>
</patchinfo>
Update incident numbers 2025-01-24 12:03:35 +00:00			`<patchinfo incident="201">`
Adding patchinfo patchinfo.20241024132237348105.255638743075857 2025-01-24 13:02:12 +01:00			`<!-- generated from request(s) 349393 -->`
			`<issue tracker="bnc" id="1220262">VUL-0: CVE-2023-50782: openssl: consider backporting implicit rejection in PKCS#1 v1.5</issue>`
			`<issue tracker="bnc" id="1230698">VUL-0: CVE-2024-41996: openssl-1_1,openssl-3: DHEATATTACK: Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers to trigger expensive server-side DHE</issue>`
			`<issue tracker="cve" id="2023-50782"/>`
			`<issue tracker="cve" id="2024-41996"/>`
			`<packager>pmonrealgonzalez</packager>`
			`<rating>important</rating>`
			`<category>security</category>`
			`<summary>Security update for openssl-3</summary>`
			`<description>This update for openssl-3 fixes the following issues:`

			`- CVE-2024-41996: Fixed a denial of service in the Diffie-Hellman Key Agreement Protocol (bsc#1230698).`
			`- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)`
			`</description>`
			`<package>openssl-3</package>`
			`<seperate_build_arch/>`
Update incident numbers 2025-01-24 12:03:35 +00:00			`</patchinfo>`