[Bug 1086778] VUL-0: CVE-2018-8970: libressl: The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c inLibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zeroname length, which causes silent omission of hostname verification
3 Sep
2018
3 Sep
'18
22:08
http://bugzilla.suse.com/show_bug.cgi?id=1086778 http://bugzilla.suse.com/show_bug.cgi?id=1086778#c2 --- Comment #2 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2018:2597-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1065363,1086778,1097779 CVE References: CVE-2018-12434,CVE-2018-8970 Sources used: openSUSE Leap 42.3 (src): libressl-2.8.0-11.1 -- You are receiving this mail because: You are on the CC list for the bug.
2304
Age (days ago)
2304
Last active (days ago)
0 comments
1 participants
participants (1)
-
bugzilla_noreply@novell.com