{"affected":[{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"socat":"1.7.2.4-3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"socat","purl":"pkg:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.2.4-3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for socat fixed the following issues:\n\n- bsc#964844: Fixed security advisory 8, Stack overflow in parser, http://www.openwall.com/lists/oss-security/2016/02/01/5.\n- bsc#938913: Improved resilience against Logjam attacks (CVE-2015-4000) by increasing the size of the default DH group from 512 to 2048 bit. This change avoids the non-prime 1024 bit DH p parameter in OpenSSL http://www.dest-unreach.org/socat/contrib/socat-secadv7.html.\n","id":"SUSE-SU-2016:0344-1","modified":"2016-02-05T09:11:54Z","published":"2016-02-05T09:11:54Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160344-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/938913"},{"type":"REPORT","url":"https://bugzilla.suse.com/964844"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4000"}],"related":["CVE-2015-4000"],"summary":"Security update for socat","upstream":["CVE-2015-4000"]}