{"affected":[],"aliases":[],"details":"\nOpenSSL has been updated to fix several security issues:\n\n    * CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL\n      compression by default. Setting the environment variable\n      'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression again.\n    * CVE-2013-0169: Timing attacks against TLS could be used by physically\n      local attackers to gain access to transmitted plain text or private\n      keymaterial. This issue is also known as the 'Lucky-13' issue.\n    * CVE-2013-0166: A OCSP invalid key denial of service issue was fixed.\n\nSecurity Issue references:\n\n    * CVE-2013-0169\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>\n    * CVE-2013-0166\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166>\n\n","id":"SUSE-SU-2015:0545-1","modified":"2013-03-25T15:10:09Z","published":"2013-03-25T15:10:09Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150545-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/779952"},{"type":"REPORT","url":"https://bugzilla.suse.com/802648"},{"type":"REPORT","url":"https://bugzilla.suse.com/802746"},{"type":"REPORT","url":"https://bugzilla.suse.com/859228"},{"type":"REPORT","url":"https://bugzilla.suse.com/859924"},{"type":"REPORT","url":"https://bugzilla.suse.com/860332"},{"type":"REPORT","url":"https://bugzilla.suse.com/862181"},{"type":"REPORT","url":"https://bugzilla.suse.com/869945"},{"type":"REPORT","url":"https://bugzilla.suse.com/870192"},{"type":"REPORT","url":"https://bugzilla.suse.com/880891"},{"type":"REPORT","url":"https://bugzilla.suse.com/890764"},{"type":"REPORT","url":"https://bugzilla.suse.com/890767"},{"type":"REPORT","url":"https://bugzilla.suse.com/890768"},{"type":"REPORT","url":"https://bugzilla.suse.com/890769"},{"type":"REPORT","url":"https://bugzilla.suse.com/890770"},{"type":"REPORT","url":"https://bugzilla.suse.com/892403"},{"type":"REPORT","url":"https://bugzilla.suse.com/901223"},{"type":"REPORT","url":"https://bugzilla.suse.com/901277"},{"type":"REPORT","url":"https://bugzilla.suse.com/912014"},{"type":"REPORT","url":"https://bugzilla.suse.com/912015"},{"type":"REPORT","url":"https://bugzilla.suse.com/912018"},{"type":"REPORT","url":"https://bugzilla.suse.com/912293"},{"type":"REPORT","url":"https://bugzilla.suse.com/912294"},{"type":"REPORT","url":"https://bugzilla.suse.com/912296"},{"type":"REPORT","url":"https://bugzilla.suse.com/915976"},{"type":"REPORT","url":"https://bugzilla.suse.com/919648"},{"type":"REPORT","url":"https://bugzilla.suse.com/920236"},{"type":"REPORT","url":"https://bugzilla.suse.com/922488"},{"type":"REPORT","url":"https://bugzilla.suse.com/922496"},{"type":"REPORT","url":"https://bugzilla.suse.com/922499"},{"type":"REPORT","url":"https://bugzilla.suse.com/922500"},{"type":"REPORT","url":"https://bugzilla.suse.com/922501"},{"type":"REPORT","url":"https://bugzilla.suse.com/929678"},{"type":"REPORT","url":"https://bugzilla.suse.com/931698"},{"type":"REPORT","url":"https://bugzilla.suse.com/933911"},{"type":"REPORT","url":"https://bugzilla.suse.com/934487"},{"type":"REPORT","url":"https://bugzilla.suse.com/934489"},{"type":"REPORT","url":"https://bugzilla.suse.com/934491"},{"type":"REPORT","url":"https://bugzilla.suse.com/934493"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2009-5146"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-0166"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-0169"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0076"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0221"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0224"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3470"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3505"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3506"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3507"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3508"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3510"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3513"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3566"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3567"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3568"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3570"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3571"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3572"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-8275"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0205"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0209"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0286"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0287"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0288"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0289"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0292"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0293"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1788"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1789"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1790"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1791"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1792"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3216"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4000"}],"related":["CVE-2009-5146","CVE-2013-0166","CVE-2013-0169","CVE-2014-0076","CVE-2014-0221","CVE-2014-0224","CVE-2014-3470","CVE-2014-3505","CVE-2014-3506","CVE-2014-3507","CVE-2014-3508","CVE-2014-3510","CVE-2014-3513","CVE-2014-3566","CVE-2014-3567","CVE-2014-3568","CVE-2014-3570","CVE-2014-3571","CVE-2014-3572","CVE-2014-8275","CVE-2015-0204","CVE-2015-0205","CVE-2015-0209","CVE-2015-0286","CVE-2015-0287","CVE-2015-0288","CVE-2015-0289","CVE-2015-0292","CVE-2015-0293","CVE-2015-1788","CVE-2015-1789","CVE-2015-1790","CVE-2015-1791","CVE-2015-1792","CVE-2015-3216","CVE-2015-4000"],"summary":"Security update for OpenSSL","upstream":["CVE-2009-5146","CVE-2013-0166","CVE-2013-0169","CVE-2014-0076","CVE-2014-0221","CVE-2014-0224","CVE-2014-3470","CVE-2014-3505","CVE-2014-3506","CVE-2014-3507","CVE-2014-3508","CVE-2014-3510","CVE-2014-3513","CVE-2014-3566","CVE-2014-3567","CVE-2014-3568","CVE-2014-3570","CVE-2014-3571","CVE-2014-3572","CVE-2014-8275","CVE-2015-0204","CVE-2015-0205","CVE-2015-0209","CVE-2015-0286","CVE-2015-0287","CVE-2015-0288","CVE-2015-0289","CVE-2015-0292","CVE-2015-0293","CVE-2015-1788","CVE-2015-1789","CVE-2015-1790","CVE-2015-1791","CVE-2015-1792","CVE-2015-3216","CVE-2015-4000"]}