Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2023:1187-1 Moderate: OpenSSL Certificate Policy Update

suse
Calendar Grey April 20, 2023
Dist Suse Esm H88
SUSE Container Patch Notice: suse/sles12sp5 prioritizes certificate-related vulnerabilities in openssl, tackling significant concerns.
The container suse/sles12sp5 was updated

Summary

Advisory ID: SUSE-SU-2023:1914-1 Released: Wed Apr 19 14:24:23 2023 Summary: Security update for openssl-1_0_0 Type: security Severity: moderate

Topics%20covered

Topics Covered

security advisory moderate update patch suse openssl certificate policy

References

References : 1209873 1209878 CVE-2023-0465 CVE-2023-0466

1209873,1209878,CVE-2023-0465,CVE-2023-0466

This update for openssl-1_0_0 fixes the following issues:

- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).

- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).

The following package changes have been done:

- libopenssl1_0_0-1.0.2p-3.72.1 updated

- openssl-1_0_0-1.0.2p-3.72.1 updated

Container Advisory ID : SUSE-CU-2023:1187-1
Container Tags : suse/sles12sp5:6.5.459 , suse/sles12sp5:latest
Container Release : 6.5.459
Severity : moderate
Type : security

Topics%20covered

Topics Covered

security advisory moderate update patch suse openssl certificate policy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here