SUSE: 2016:2469-1 Critical Update for OpenSSL1 Memory Vulnerabilities

suse

October 6, 2016

An update that solves 11 vulnerabilities and has 5 fixes is An update that solves 11 vulnerabilities and has 5 fixes is An update that solves 11 vulnerabilities and has 5 fixes is ...

Summary

This update for openssl1 fixes the following issues: penSSL Security Advisory [22 Sep 2016] (bsc#999665) Severity: High * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666) Severity: Low * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575) * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249) * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844) * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419) * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749) * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819) * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359) * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)

Topics Covered

security advisory update critical memory issue SUSE openssl1

References

#979475 #982575 #982745 #983249 #990419 #993819

#994749 #994844 #995075 #995324 #995359 #995377

#998190 #999665 #999666 #999668

Cross- CVE-2016-2177 CVE-2016-2178 CVE-2016-2179

CVE-2016-2180 CVE-2016-2181 CVE-2016-2182

CVE-2016-2183 CVE-2016-6302 CVE-2016-6303

CVE-2016-6304 CVE-2016-6306

Affected Products:

SUSE Linux Enterprise Server 11-SECURITY

https://www.suse.com/security/cve/CVE-2016-2177.html

https://www.suse.com/security/cve/CVE-2016-2178.html

https://www.suse.com/security/cve/CVE-2016-2179.html

https://www.suse.com/security/cve/CVE-2016-2180.html

https://www.suse.com/security/cve/CVE-2016-2181.html

https://www.suse.com/security/cve/CVE-2016-2182.html

https://www.suse.com/security/cve/CVE-2016-2183.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2016:2469-1

Rating: important

Topics Covered

security advisory update critical memory issue SUSE openssl1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:2469-1 Critical Update for OpenSSL1 Memory Vulnerabilities

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:2469-1 Critical Update for OpenSSL1 Memory Vulnerabilities

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!