{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"libcrypto38-2.5.0-1.1 on GA media","title":"Title of the patch"},{"category":"description","text":"These are all security issues fixed in the libcrypto38-2.5.0-1.1 package on the GA media of openSUSE Tumbleweed.","title":"Description of the patch"},{"category":"details","text":"openSUSE-Tumbleweed-2024-10309","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10309-1.json"},{"category":"self","summary":"SUSE CVE CVE-2014-3502 page","url":"https://www.suse.com/security/cve/CVE-2014-3502/"},{"category":"self","summary":"SUSE CVE CVE-2014-3506 page","url":"https://www.suse.com/security/cve/CVE-2014-3506/"},{"category":"self","summary":"SUSE CVE CVE-2014-3507 page","url":"https://www.suse.com/security/cve/CVE-2014-3507/"},{"category":"self","summary":"SUSE CVE CVE-2014-3508 page","url":"https://www.suse.com/security/cve/CVE-2014-3508/"},{"category":"self","summary":"SUSE CVE CVE-2014-3509 page","url":"https://www.suse.com/security/cve/CVE-2014-3509/"},{"category":"self","summary":"SUSE CVE CVE-2014-3510 page","url":"https://www.suse.com/security/cve/CVE-2014-3510/"},{"category":"self","summary":"SUSE CVE CVE-2014-3511 page","url":"https://www.suse.com/security/cve/CVE-2014-3511/"},{"category":"self","summary":"SUSE CVE CVE-2014-3512 page","url":"https://www.suse.com/security/cve/CVE-2014-3512/"},{"category":"self","summary":"SUSE CVE CVE-2014-3570 page","url":"https://www.suse.com/security/cve/CVE-2014-3570/"},{"category":"self","summary":"SUSE CVE CVE-2014-3572 page","url":"https://www.suse.com/security/cve/CVE-2014-3572/"},{"category":"self","summary":"SUSE CVE CVE-2014-5139 page","url":"https://www.suse.com/security/cve/CVE-2014-5139/"},{"category":"self","summary":"SUSE CVE CVE-2014-8176 page","url":"https://www.suse.com/security/cve/CVE-2014-8176/"},{"category":"self","summary":"SUSE CVE CVE-2014-8275 page","url":"https://www.suse.com/security/cve/CVE-2014-8275/"},{"category":"self","summary":"SUSE CVE CVE-2015-0205 page","url":"https://www.suse.com/security/cve/CVE-2015-0205/"},{"category":"self","summary":"SUSE CVE CVE-2015-0206 page","url":"https://www.suse.com/security/cve/CVE-2015-0206/"},{"category":"self","summary":"SUSE CVE CVE-2015-0209 page","url":"https://www.suse.com/security/cve/CVE-2015-0209/"},{"category":"self","summary":"SUSE CVE CVE-2015-0286 page","url":"https://www.suse.com/security/cve/CVE-2015-0286/"},{"category":"self","summary":"SUSE CVE CVE-2015-0287 page","url":"https://www.suse.com/security/cve/CVE-2015-0287/"},{"category":"self","summary":"SUSE CVE CVE-2015-0288 page","url":"https://www.suse.com/security/cve/CVE-2015-0288/"},{"category":"self","summary":"SUSE CVE CVE-2015-0289 page","url":"https://www.suse.com/security/cve/CVE-2015-0289/"},{"category":"self","summary":"SUSE CVE CVE-2015-1788 page","url":"https://www.suse.com/security/cve/CVE-2015-1788/"},{"category":"self","summary":"SUSE CVE CVE-2015-1789 page","url":"https://www.suse.com/security/cve/CVE-2015-1789/"},{"category":"self","summary":"SUSE CVE CVE-2015-1790 page","url":"https://www.suse.com/security/cve/CVE-2015-1790/"},{"category":"self","summary":"SUSE CVE CVE-2015-1792 page","url":"https://www.suse.com/security/cve/CVE-2015-1792/"},{"category":"self","summary":"SUSE CVE CVE-2015-3194 page","url":"https://www.suse.com/security/cve/CVE-2015-3194/"},{"category":"self","summary":"SUSE CVE CVE-2015-3195 page","url":"https://www.suse.com/security/cve/CVE-2015-3195/"},{"category":"self","summary":"SUSE CVE CVE-2015-4000 page","url":"https://www.suse.com/security/cve/CVE-2015-4000/"},{"category":"self","summary":"SUSE CVE CVE-2015-5333 page","url":"https://www.suse.com/security/cve/CVE-2015-5333/"},{"category":"self","summary":"SUSE CVE CVE-2015-5334 page","url":"https://www.suse.com/security/cve/CVE-2015-5334/"},{"category":"self","summary":"SUSE CVE CVE-2016-0702 page","url":"https://www.suse.com/security/cve/CVE-2016-0702/"}],"title":"libcrypto38-2.5.0-1.1 on GA media","tracking":{"current_release_date":"2024-06-15T00:00:00Z","generator":{"date":"2024-06-15T00:00:00Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2024:10309-1","initial_release_date":"2024-06-15T00:00:00Z","revision_history":[{"date":"2024-06-15T00:00:00Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"libcrypto38-2.5.0-1.1.aarch64","product":{"name":"libcrypto38-2.5.0-1.1.aarch64","product_id":"libcrypto38-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libcrypto38-32bit-2.5.0-1.1.aarch64","product":{"name":"libcrypto38-32bit-2.5.0-1.1.aarch64","product_id":"libcrypto38-32bit-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libressl-2.5.0-1.1.aarch64","product":{"name":"libressl-2.5.0-1.1.aarch64","product_id":"libressl-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libressl-devel-2.5.0-1.1.aarch64","product":{"name":"libressl-devel-2.5.0-1.1.aarch64","product_id":"libressl-devel-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libressl-devel-32bit-2.5.0-1.1.aarch64","product":{"name":"libressl-devel-32bit-2.5.0-1.1.aarch64","product_id":"libressl-devel-32bit-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libressl-devel-doc-2.5.0-1.1.aarch64","product":{"name":"libressl-devel-doc-2.5.0-1.1.aarch64","product_id":"libressl-devel-doc-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libssl39-2.5.0-1.1.aarch64","product":{"name":"libssl39-2.5.0-1.1.aarch64","product_id":"libssl39-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libssl39-32bit-2.5.0-1.1.aarch64","product":{"name":"libssl39-32bit-2.5.0-1.1.aarch64","product_id":"libssl39-32bit-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libtls11-2.5.0-1.1.aarch64","product":{"name":"libtls11-2.5.0-1.1.aarch64","product_id":"libtls11-2.5.0-1.1.aarch64"}},{"category":"product_version","name":"libtls11-32bit-2.5.0-1.1.aarch64","product":{"name":"libtls11-32bit-2.5.0-1.1.aarch64","product_id":"libtls11-32bit-2.5.0-1.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"libcrypto38-2.5.0-1.1.ppc64le","product":{"name":"libcrypto38-2.5.0-1.1.ppc64le","product_id":"libcrypto38-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libcrypto38-32bit-2.5.0-1.1.ppc64le","product":{"name":"libcrypto38-32bit-2.5.0-1.1.ppc64le","product_id":"libcrypto38-32bit-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libressl-2.5.0-1.1.ppc64le","product":{"name":"libressl-2.5.0-1.1.ppc64le","product_id":"libressl-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libressl-devel-2.5.0-1.1.ppc64le","product":{"name":"libressl-devel-2.5.0-1.1.ppc64le","product_id":"libressl-devel-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libressl-devel-32bit-2.5.0-1.1.ppc64le","product":{"name":"libressl-devel-32bit-2.5.0-1.1.ppc64le","product_id":"libressl-devel-32bit-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libressl-devel-doc-2.5.0-1.1.ppc64le","product":{"name":"libressl-devel-doc-2.5.0-1.1.ppc64le","product_id":"libressl-devel-doc-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libssl39-2.5.0-1.1.ppc64le","product":{"name":"libssl39-2.5.0-1.1.ppc64le","product_id":"libssl39-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libssl39-32bit-2.5.0-1.1.ppc64le","product":{"name":"libssl39-32bit-2.5.0-1.1.ppc64le","product_id":"libssl39-32bit-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libtls11-2.5.0-1.1.ppc64le","product":{"name":"libtls11-2.5.0-1.1.ppc64le","product_id":"libtls11-2.5.0-1.1.ppc64le"}},{"category":"product_version","name":"libtls11-32bit-2.5.0-1.1.ppc64le","product":{"name":"libtls11-32bit-2.5.0-1.1.ppc64le","product_id":"libtls11-32bit-2.5.0-1.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"libcrypto38-2.5.0-1.1.s390x","product":{"name":"libcrypto38-2.5.0-1.1.s390x","product_id":"libcrypto38-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libcrypto38-32bit-2.5.0-1.1.s390x","product":{"name":"libcrypto38-32bit-2.5.0-1.1.s390x","product_id":"libcrypto38-32bit-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libressl-2.5.0-1.1.s390x","product":{"name":"libressl-2.5.0-1.1.s390x","product_id":"libressl-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libressl-devel-2.5.0-1.1.s390x","product":{"name":"libressl-devel-2.5.0-1.1.s390x","product_id":"libressl-devel-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libressl-devel-32bit-2.5.0-1.1.s390x","product":{"name":"libressl-devel-32bit-2.5.0-1.1.s390x","product_id":"libressl-devel-32bit-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libressl-devel-doc-2.5.0-1.1.s390x","product":{"name":"libressl-devel-doc-2.5.0-1.1.s390x","product_id":"libressl-devel-doc-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libssl39-2.5.0-1.1.s390x","product":{"name":"libssl39-2.5.0-1.1.s390x","product_id":"libssl39-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libssl39-32bit-2.5.0-1.1.s390x","product":{"name":"libssl39-32bit-2.5.0-1.1.s390x","product_id":"libssl39-32bit-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libtls11-2.5.0-1.1.s390x","product":{"name":"libtls11-2.5.0-1.1.s390x","product_id":"libtls11-2.5.0-1.1.s390x"}},{"category":"product_version","name":"libtls11-32bit-2.5.0-1.1.s390x","product":{"name":"libtls11-32bit-2.5.0-1.1.s390x","product_id":"libtls11-32bit-2.5.0-1.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"libcrypto38-2.5.0-1.1.x86_64","product":{"name":"libcrypto38-2.5.0-1.1.x86_64","product_id":"libcrypto38-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libcrypto38-32bit-2.5.0-1.1.x86_64","product":{"name":"libcrypto38-32bit-2.5.0-1.1.x86_64","product_id":"libcrypto38-32bit-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libressl-2.5.0-1.1.x86_64","product":{"name":"libressl-2.5.0-1.1.x86_64","product_id":"libressl-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libressl-devel-2.5.0-1.1.x86_64","product":{"name":"libressl-devel-2.5.0-1.1.x86_64","product_id":"libressl-devel-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libressl-devel-32bit-2.5.0-1.1.x86_64","product":{"name":"libressl-devel-32bit-2.5.0-1.1.x86_64","product_id":"libressl-devel-32bit-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libressl-devel-doc-2.5.0-1.1.x86_64","product":{"name":"libressl-devel-doc-2.5.0-1.1.x86_64","product_id":"libressl-devel-doc-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libssl39-2.5.0-1.1.x86_64","product":{"name":"libssl39-2.5.0-1.1.x86_64","product_id":"libssl39-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libssl39-32bit-2.5.0-1.1.x86_64","product":{"name":"libssl39-32bit-2.5.0-1.1.x86_64","product_id":"libssl39-32bit-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libtls11-2.5.0-1.1.x86_64","product":{"name":"libtls11-2.5.0-1.1.x86_64","product_id":"libtls11-2.5.0-1.1.x86_64"}},{"category":"product_version","name":"libtls11-32bit-2.5.0-1.1.x86_64","product":{"name":"libtls11-32bit-2.5.0-1.1.x86_64","product_id":"libtls11-32bit-2.5.0-1.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libcrypto38-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64"},"product_reference":"libcrypto38-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le"},"product_reference":"libcrypto38-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x"},"product_reference":"libcrypto38-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64"},"product_reference":"libcrypto38-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-32bit-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64"},"product_reference":"libcrypto38-32bit-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-32bit-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le"},"product_reference":"libcrypto38-32bit-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-32bit-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x"},"product_reference":"libcrypto38-32bit-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libcrypto38-32bit-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64"},"product_reference":"libcrypto38-32bit-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64"},"product_reference":"libressl-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le"},"product_reference":"libressl-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x"},"product_reference":"libressl-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64"},"product_reference":"libressl-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64"},"product_reference":"libressl-devel-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le"},"product_reference":"libressl-devel-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x"},"product_reference":"libressl-devel-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64"},"product_reference":"libressl-devel-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-32bit-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64"},"product_reference":"libressl-devel-32bit-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-32bit-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le"},"product_reference":"libressl-devel-32bit-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-32bit-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x"},"product_reference":"libressl-devel-32bit-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-32bit-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64"},"product_reference":"libressl-devel-32bit-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-doc-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64"},"product_reference":"libressl-devel-doc-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-doc-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le"},"product_reference":"libressl-devel-doc-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-doc-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x"},"product_reference":"libressl-devel-doc-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libressl-devel-doc-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64"},"product_reference":"libressl-devel-doc-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64"},"product_reference":"libssl39-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le"},"product_reference":"libssl39-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x"},"product_reference":"libssl39-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64"},"product_reference":"libssl39-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-32bit-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64"},"product_reference":"libssl39-32bit-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-32bit-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le"},"product_reference":"libssl39-32bit-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-32bit-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x"},"product_reference":"libssl39-32bit-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libssl39-32bit-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64"},"product_reference":"libssl39-32bit-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64"},"product_reference":"libtls11-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le"},"product_reference":"libtls11-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x"},"product_reference":"libtls11-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64"},"product_reference":"libtls11-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-32bit-2.5.0-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64"},"product_reference":"libtls11-32bit-2.5.0-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-32bit-2.5.0-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le"},"product_reference":"libtls11-32bit-2.5.0-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-32bit-2.5.0-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x"},"product_reference":"libtls11-32bit-2.5.0-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"libtls11-32bit-2.5.0-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"},"product_reference":"libtls11-32bit-2.5.0-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"}]},"vulnerabilities":[{"cve":"CVE-2014-3502","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3502"}],"notes":[{"category":"general","text":"Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3502","url":"https://www.suse.com/security/cve/CVE-2014-3502"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2014-3502"},{"cve":"CVE-2014-3506","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3506"}],"notes":[{"category":"general","text":"d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3506","url":"https://www.suse.com/security/cve/CVE-2014-3506"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3506","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890764 for CVE-2014-3506","url":"https://bugzilla.suse.com/890764"},{"category":"external","summary":"SUSE Bug 890768 for CVE-2014-3506","url":"https://bugzilla.suse.com/890768"},{"category":"external","summary":"SUSE Bug 905106 for CVE-2014-3506","url":"https://bugzilla.suse.com/905106"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3506"},{"cve":"CVE-2014-3507","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3507"}],"notes":[{"category":"general","text":"Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3507","url":"https://www.suse.com/security/cve/CVE-2014-3507"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3507","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890764 for CVE-2014-3507","url":"https://bugzilla.suse.com/890764"},{"category":"external","summary":"SUSE Bug 890769 for CVE-2014-3507","url":"https://bugzilla.suse.com/890769"},{"category":"external","summary":"SUSE Bug 905106 for CVE-2014-3507","url":"https://bugzilla.suse.com/905106"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3507"},{"cve":"CVE-2014-3508","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3508"}],"notes":[{"category":"general","text":"The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3508","url":"https://www.suse.com/security/cve/CVE-2014-3508"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3508","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890764 for CVE-2014-3508","url":"https://bugzilla.suse.com/890764"},{"category":"external","summary":"SUSE Bug 905106 for CVE-2014-3508","url":"https://bugzilla.suse.com/905106"},{"category":"external","summary":"SUSE Bug 950708 for CVE-2014-3508","url":"https://bugzilla.suse.com/950708"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3508"},{"cve":"CVE-2014-3509","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3509"}],"notes":[{"category":"general","text":"Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3509","url":"https://www.suse.com/security/cve/CVE-2014-3509"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3509","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890766 for CVE-2014-3509","url":"https://bugzilla.suse.com/890766"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3509"},{"cve":"CVE-2014-3510","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3510"}],"notes":[{"category":"general","text":"The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3510","url":"https://www.suse.com/security/cve/CVE-2014-3510"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3510","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890764 for CVE-2014-3510","url":"https://bugzilla.suse.com/890764"},{"category":"external","summary":"SUSE Bug 890770 for CVE-2014-3510","url":"https://bugzilla.suse.com/890770"},{"category":"external","summary":"SUSE Bug 905106 for CVE-2014-3510","url":"https://bugzilla.suse.com/905106"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3510"},{"cve":"CVE-2014-3511","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3511"}],"notes":[{"category":"general","text":"The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a \"protocol downgrade\" issue.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3511","url":"https://www.suse.com/security/cve/CVE-2014-3511"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3511","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890771 for CVE-2014-3511","url":"https://bugzilla.suse.com/890771"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3511"},{"cve":"CVE-2014-3512","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3512"}],"notes":[{"category":"general","text":"Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3512","url":"https://www.suse.com/security/cve/CVE-2014-3512"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-3512","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890772 for CVE-2014-3512","url":"https://bugzilla.suse.com/890772"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-3512"},{"cve":"CVE-2014-3570","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3570"}],"notes":[{"category":"general","text":"The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3570","url":"https://www.suse.com/security/cve/CVE-2014-3570"},{"category":"external","summary":"SUSE Bug 912296 for CVE-2014-3570","url":"https://bugzilla.suse.com/912296"},{"category":"external","summary":"SUSE Bug 915848 for CVE-2014-3570","url":"https://bugzilla.suse.com/915848"},{"category":"external","summary":"SUSE Bug 927623 for CVE-2014-3570","url":"https://bugzilla.suse.com/927623"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2014-3570","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 944456 for CVE-2014-3570","url":"https://bugzilla.suse.com/944456"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2014-3570"},{"cve":"CVE-2014-3572","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3572"}],"notes":[{"category":"general","text":"The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3572","url":"https://www.suse.com/security/cve/CVE-2014-3572"},{"category":"external","summary":"SUSE Bug 912015 for CVE-2014-3572","url":"https://bugzilla.suse.com/912015"},{"category":"external","summary":"SUSE Bug 915848 for CVE-2014-3572","url":"https://bugzilla.suse.com/915848"},{"category":"external","summary":"SUSE Bug 927623 for CVE-2014-3572","url":"https://bugzilla.suse.com/927623"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2014-3572","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2014-3572"},{"cve":"CVE-2014-5139","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-5139"}],"notes":[{"category":"general","text":"The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-5139","url":"https://www.suse.com/security/cve/CVE-2014-5139"},{"category":"external","summary":"SUSE Bug 886831 for CVE-2014-5139","url":"https://bugzilla.suse.com/886831"},{"category":"external","summary":"SUSE Bug 890759 for CVE-2014-5139","url":"https://bugzilla.suse.com/890759"},{"category":"external","summary":"SUSE Bug 890765 for CVE-2014-5139","url":"https://bugzilla.suse.com/890765"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-5139"},{"cve":"CVE-2014-8176","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-8176"}],"notes":[{"category":"general","text":"The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-8176","url":"https://www.suse.com/security/cve/CVE-2014-8176"},{"category":"external","summary":"SUSE Bug 1148697 for CVE-2014-8176","url":"https://bugzilla.suse.com/1148697"},{"category":"external","summary":"SUSE Bug 934494 for CVE-2014-8176","url":"https://bugzilla.suse.com/934494"},{"category":"external","summary":"SUSE Bug 934666 for CVE-2014-8176","url":"https://bugzilla.suse.com/934666"},{"category":"external","summary":"SUSE Bug 986238 for CVE-2014-8176","url":"https://bugzilla.suse.com/986238"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2014-8176"},{"cve":"CVE-2014-8275","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-8275"}],"notes":[{"category":"general","text":"OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-8275","url":"https://www.suse.com/security/cve/CVE-2014-8275"},{"category":"external","summary":"SUSE Bug 912018 for CVE-2014-8275","url":"https://bugzilla.suse.com/912018"},{"category":"external","summary":"SUSE Bug 915848 for CVE-2014-8275","url":"https://bugzilla.suse.com/915848"},{"category":"external","summary":"SUSE Bug 927623 for CVE-2014-8275","url":"https://bugzilla.suse.com/927623"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2014-8275","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2014-8275"},{"cve":"CVE-2015-0205","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0205"}],"notes":[{"category":"general","text":"The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0205","url":"https://www.suse.com/security/cve/CVE-2015-0205"},{"category":"external","summary":"SUSE Bug 912293 for CVE-2015-0205","url":"https://bugzilla.suse.com/912293"},{"category":"external","summary":"SUSE Bug 915848 for CVE-2015-0205","url":"https://bugzilla.suse.com/915848"},{"category":"external","summary":"SUSE Bug 927623 for CVE-2015-0205","url":"https://bugzilla.suse.com/927623"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0205","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-0205"},{"cve":"CVE-2015-0206","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0206"}],"notes":[{"category":"general","text":"Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0206","url":"https://www.suse.com/security/cve/CVE-2015-0206"},{"category":"external","summary":"SUSE Bug 912292 for CVE-2015-0206","url":"https://bugzilla.suse.com/912292"},{"category":"external","summary":"SUSE Bug 927623 for CVE-2015-0206","url":"https://bugzilla.suse.com/927623"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0206","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-0206"},{"cve":"CVE-2015-0209","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0209"}],"notes":[{"category":"general","text":"Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0209","url":"https://www.suse.com/security/cve/CVE-2015-0209"},{"category":"external","summary":"SUSE Bug 912014 for CVE-2015-0209","url":"https://bugzilla.suse.com/912014"},{"category":"external","summary":"SUSE Bug 919648 for CVE-2015-0209","url":"https://bugzilla.suse.com/919648"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-0209","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0209","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"critical"}],"title":"CVE-2015-0209"},{"cve":"CVE-2015-0286","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0286"}],"notes":[{"category":"general","text":"The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0286","url":"https://www.suse.com/security/cve/CVE-2015-0286"},{"category":"external","summary":"SUSE Bug 912014 for CVE-2015-0286","url":"https://bugzilla.suse.com/912014"},{"category":"external","summary":"SUSE Bug 919648 for CVE-2015-0286","url":"https://bugzilla.suse.com/919648"},{"category":"external","summary":"SUSE Bug 922496 for CVE-2015-0286","url":"https://bugzilla.suse.com/922496"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-0286","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0286","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 951391 for CVE-2015-0286","url":"https://bugzilla.suse.com/951391"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"critical"}],"title":"CVE-2015-0286"},{"cve":"CVE-2015-0287","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0287"}],"notes":[{"category":"general","text":"The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0287","url":"https://www.suse.com/security/cve/CVE-2015-0287"},{"category":"external","summary":"SUSE Bug 912014 for CVE-2015-0287","url":"https://bugzilla.suse.com/912014"},{"category":"external","summary":"SUSE Bug 919648 for CVE-2015-0287","url":"https://bugzilla.suse.com/919648"},{"category":"external","summary":"SUSE Bug 922499 for CVE-2015-0287","url":"https://bugzilla.suse.com/922499"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-0287","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0287","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 968888 for CVE-2015-0287","url":"https://bugzilla.suse.com/968888"},{"category":"external","summary":"SUSE Bug 991722 for CVE-2015-0287","url":"https://bugzilla.suse.com/991722"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"critical"}],"title":"CVE-2015-0287"},{"cve":"CVE-2015-0288","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0288"}],"notes":[{"category":"general","text":"The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0288","url":"https://www.suse.com/security/cve/CVE-2015-0288"},{"category":"external","summary":"SUSE Bug 912014 for CVE-2015-0288","url":"https://bugzilla.suse.com/912014"},{"category":"external","summary":"SUSE Bug 919648 for CVE-2015-0288","url":"https://bugzilla.suse.com/919648"},{"category":"external","summary":"SUSE Bug 920236 for CVE-2015-0288","url":"https://bugzilla.suse.com/920236"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-0288","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0288","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 951391 for CVE-2015-0288","url":"https://bugzilla.suse.com/951391"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"critical"}],"title":"CVE-2015-0288"},{"cve":"CVE-2015-0289","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-0289"}],"notes":[{"category":"general","text":"The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-0289","url":"https://www.suse.com/security/cve/CVE-2015-0289"},{"category":"external","summary":"SUSE Bug 912014 for CVE-2015-0289","url":"https://bugzilla.suse.com/912014"},{"category":"external","summary":"SUSE Bug 919648 for CVE-2015-0289","url":"https://bugzilla.suse.com/919648"},{"category":"external","summary":"SUSE Bug 922500 for CVE-2015-0289","url":"https://bugzilla.suse.com/922500"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-0289","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-0289","url":"https://bugzilla.suse.com/937891"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"critical"}],"title":"CVE-2015-0289"},{"cve":"CVE-2015-1788","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-1788"}],"notes":[{"category":"general","text":"The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-1788","url":"https://www.suse.com/security/cve/CVE-2015-1788"},{"category":"external","summary":"SUSE Bug 934487 for CVE-2015-1788","url":"https://bugzilla.suse.com/934487"},{"category":"external","summary":"SUSE Bug 934666 for CVE-2015-1788","url":"https://bugzilla.suse.com/934666"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-1788","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-1788","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 938432 for CVE-2015-1788","url":"https://bugzilla.suse.com/938432"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-1788"},{"cve":"CVE-2015-1789","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-1789"}],"notes":[{"category":"general","text":"The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-1789","url":"https://www.suse.com/security/cve/CVE-2015-1789"},{"category":"external","summary":"SUSE Bug 934489 for CVE-2015-1789","url":"https://bugzilla.suse.com/934489"},{"category":"external","summary":"SUSE Bug 934666 for CVE-2015-1789","url":"https://bugzilla.suse.com/934666"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-1789","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-1789","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 938432 for CVE-2015-1789","url":"https://bugzilla.suse.com/938432"},{"category":"external","summary":"SUSE Bug 951391 for CVE-2015-1789","url":"https://bugzilla.suse.com/951391"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2015-1789"},{"cve":"CVE-2015-1790","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-1790"}],"notes":[{"category":"general","text":"The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-1790","url":"https://www.suse.com/security/cve/CVE-2015-1790"},{"category":"external","summary":"SUSE Bug 934491 for CVE-2015-1790","url":"https://bugzilla.suse.com/934491"},{"category":"external","summary":"SUSE Bug 934666 for CVE-2015-1790","url":"https://bugzilla.suse.com/934666"},{"category":"external","summary":"SUSE Bug 936586 for CVE-2015-1790","url":"https://bugzilla.suse.com/936586"},{"category":"external","summary":"SUSE Bug 938432 for CVE-2015-1790","url":"https://bugzilla.suse.com/938432"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-1790"},{"cve":"CVE-2015-1792","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-1792"}],"notes":[{"category":"general","text":"The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-1792","url":"https://www.suse.com/security/cve/CVE-2015-1792"},{"category":"external","summary":"SUSE Bug 934493 for CVE-2015-1792","url":"https://bugzilla.suse.com/934493"},{"category":"external","summary":"SUSE Bug 934666 for CVE-2015-1792","url":"https://bugzilla.suse.com/934666"},{"category":"external","summary":"SUSE Bug 937891 for CVE-2015-1792","url":"https://bugzilla.suse.com/937891"},{"category":"external","summary":"SUSE Bug 986238 for CVE-2015-1792","url":"https://bugzilla.suse.com/986238"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-1792"},{"cve":"CVE-2015-3194","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-3194"}],"notes":[{"category":"general","text":"crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-3194","url":"https://www.suse.com/security/cve/CVE-2015-3194"},{"category":"external","summary":"SUSE Bug 957812 for CVE-2015-3194","url":"https://bugzilla.suse.com/957812"},{"category":"external","summary":"SUSE Bug 957815 for CVE-2015-3194","url":"https://bugzilla.suse.com/957815"},{"category":"external","summary":"SUSE Bug 958768 for CVE-2015-3194","url":"https://bugzilla.suse.com/958768"},{"category":"external","summary":"SUSE Bug 976341 for CVE-2015-3194","url":"https://bugzilla.suse.com/976341"},{"category":"external","summary":"SUSE Bug 990370 for CVE-2015-3194","url":"https://bugzilla.suse.com/990370"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-3194"},{"cve":"CVE-2015-3195","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-3195"}],"notes":[{"category":"general","text":"The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-3195","url":"https://www.suse.com/security/cve/CVE-2015-3195"},{"category":"external","summary":"SUSE Bug 923755 for CVE-2015-3195","url":"https://bugzilla.suse.com/923755"},{"category":"external","summary":"SUSE Bug 957812 for CVE-2015-3195","url":"https://bugzilla.suse.com/957812"},{"category":"external","summary":"SUSE Bug 957815 for CVE-2015-3195","url":"https://bugzilla.suse.com/957815"},{"category":"external","summary":"SUSE Bug 958768 for CVE-2015-3195","url":"https://bugzilla.suse.com/958768"},{"category":"external","summary":"SUSE Bug 963977 for CVE-2015-3195","url":"https://bugzilla.suse.com/963977"},{"category":"external","summary":"SUSE Bug 986238 for CVE-2015-3195","url":"https://bugzilla.suse.com/986238"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-3195"},{"cve":"CVE-2015-4000","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4000"}],"notes":[{"category":"general","text":"The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4000","url":"https://www.suse.com/security/cve/CVE-2015-4000"},{"category":"external","summary":"SUSE Bug 1074631 for CVE-2015-4000","url":"https://bugzilla.suse.com/1074631"},{"category":"external","summary":"SUSE Bug 1211968 for CVE-2015-4000","url":"https://bugzilla.suse.com/1211968"},{"category":"external","summary":"SUSE Bug 931600 for CVE-2015-4000","url":"https://bugzilla.suse.com/931600"},{"category":"external","summary":"SUSE Bug 931698 for CVE-2015-4000","url":"https://bugzilla.suse.com/931698"},{"category":"external","summary":"SUSE Bug 931723 for CVE-2015-4000","url":"https://bugzilla.suse.com/931723"},{"category":"external","summary":"SUSE Bug 931845 for CVE-2015-4000","url":"https://bugzilla.suse.com/931845"},{"category":"external","summary":"SUSE Bug 932026 for CVE-2015-4000","url":"https://bugzilla.suse.com/932026"},{"category":"external","summary":"SUSE Bug 932483 for CVE-2015-4000","url":"https://bugzilla.suse.com/932483"},{"category":"external","summary":"SUSE Bug 934789 for CVE-2015-4000","url":"https://bugzilla.suse.com/934789"},{"category":"external","summary":"SUSE Bug 935033 for CVE-2015-4000","url":"https://bugzilla.suse.com/935033"},{"category":"external","summary":"SUSE Bug 935540 for CVE-2015-4000","url":"https://bugzilla.suse.com/935540"},{"category":"external","summary":"SUSE Bug 935979 for CVE-2015-4000","url":"https://bugzilla.suse.com/935979"},{"category":"external","summary":"SUSE Bug 937202 for CVE-2015-4000","url":"https://bugzilla.suse.com/937202"},{"category":"external","summary":"SUSE Bug 937766 for CVE-2015-4000","url":"https://bugzilla.suse.com/937766"},{"category":"external","summary":"SUSE Bug 938248 for CVE-2015-4000","url":"https://bugzilla.suse.com/938248"},{"category":"external","summary":"SUSE Bug 938432 for CVE-2015-4000","url":"https://bugzilla.suse.com/938432"},{"category":"external","summary":"SUSE Bug 938895 for CVE-2015-4000","url":"https://bugzilla.suse.com/938895"},{"category":"external","summary":"SUSE Bug 938905 for CVE-2015-4000","url":"https://bugzilla.suse.com/938905"},{"category":"external","summary":"SUSE Bug 938906 for CVE-2015-4000","url":"https://bugzilla.suse.com/938906"},{"category":"external","summary":"SUSE Bug 938913 for CVE-2015-4000","url":"https://bugzilla.suse.com/938913"},{"category":"external","summary":"SUSE Bug 938945 for CVE-2015-4000","url":"https://bugzilla.suse.com/938945"},{"category":"external","summary":"SUSE Bug 943664 for CVE-2015-4000","url":"https://bugzilla.suse.com/943664"},{"category":"external","summary":"SUSE Bug 944729 for CVE-2015-4000","url":"https://bugzilla.suse.com/944729"},{"category":"external","summary":"SUSE Bug 945582 for CVE-2015-4000","url":"https://bugzilla.suse.com/945582"},{"category":"external","summary":"SUSE Bug 955589 for CVE-2015-4000","url":"https://bugzilla.suse.com/955589"},{"category":"external","summary":"SUSE Bug 980406 for CVE-2015-4000","url":"https://bugzilla.suse.com/980406"},{"category":"external","summary":"SUSE Bug 990592 for CVE-2015-4000","url":"https://bugzilla.suse.com/990592"},{"category":"external","summary":"SUSE Bug 994144 for CVE-2015-4000","url":"https://bugzilla.suse.com/994144"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.7,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.0"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"important"}],"title":"CVE-2015-4000"},{"cve":"CVE-2015-5333","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-5333"}],"notes":[{"category":"general","text":"Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-5333","url":"https://www.suse.com/security/cve/CVE-2015-5333"},{"category":"external","summary":"SUSE Bug 950707 for CVE-2015-5333","url":"https://bugzilla.suse.com/950707"},{"category":"external","summary":"SUSE Bug 950708 for CVE-2015-5333","url":"https://bugzilla.suse.com/950708"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-5333"},{"cve":"CVE-2015-5334","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-5334"}],"notes":[{"category":"general","text":"Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-5334","url":"https://www.suse.com/security/cve/CVE-2015-5334"},{"category":"external","summary":"SUSE Bug 950707 for CVE-2015-5334","url":"https://bugzilla.suse.com/950707"},{"category":"external","summary":"SUSE Bug 950708 for CVE-2015-5334","url":"https://bugzilla.suse.com/950708"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-5334"},{"cve":"CVE-2016-0702","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-0702"}],"notes":[{"category":"general","text":"The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a \"CacheBleed\" attack.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-0702","url":"https://www.suse.com/security/cve/CVE-2016-0702"},{"category":"external","summary":"SUSE Bug 1007806 for CVE-2016-0702","url":"https://bugzilla.suse.com/1007806"},{"category":"external","summary":"SUSE Bug 968044 for CVE-2016-0702","url":"https://bugzilla.suse.com/968044"},{"category":"external","summary":"SUSE Bug 968050 for CVE-2016-0702","url":"https://bugzilla.suse.com/968050"},{"category":"external","summary":"SUSE Bug 971238 for CVE-2016-0702","url":"https://bugzilla.suse.com/971238"},{"category":"external","summary":"SUSE Bug 990370 for CVE-2016-0702","url":"https://bugzilla.suse.com/990370"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libcrypto38-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.s390x","openSUSE Tumbleweed:libressl-devel-doc-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libssl39-32bit-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-2.5.0-1.1.x86_64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.aarch64","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.ppc64le","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.s390x","openSUSE Tumbleweed:libtls11-32bit-2.5.0-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2016-0702"}]}