## This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: \- CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465) \- CVE-2024-5535: SSL_select_next_proto buffer overread (bsc#1227138) \- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551) \- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388) \- CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548) \- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365) \- FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753) \- FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523) \- FIPS: Port openssl to
* bsc#1220523
* bsc#1220690
* bsc#1220693
* bsc#1220696
* bsc#1221365
* bsc#1221751
* bsc#1221752
* bsc#1221753
* bsc#1221760
* bsc#1221763
* bsc#1221786
* bsc#1221787
* bsc#1221821
* bsc#1221822
* bsc#1221824
* bsc#1221827
* bsc#1222548
* bsc#1222899
* bsc#1223306
* bsc#1223336
* bsc#1223428
* bsc#1224388
* bsc#1225291
* bsc#1225551
* bsc#1226463
* bsc#1227138
* bsc#1229465
Cross-
* CVE-2024-2511
* CVE-2024-4603
* CVE-2024-4741
* CVE-2024-5535
* CVE-2024-6119
CVSS scores:
* CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-2511 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-4603 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Get the latest Linux and open source security news straight to your inbox.