{"affected":[{"ecosystem_specific":{"binaries":[{"libopenssl1-devel":"1.0.1g-0.58.3.1","libopenssl1_0_0":"1.0.1g-0.58.3.1","libopenssl1_0_0-32bit":"1.0.1g-0.58.3.1","libopenssl1_0_0-x86":"1.0.1g-0.58.3.1","openssl1":"1.0.1g-0.58.3.1","openssl1-doc":"1.0.1g-0.58.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11-SECURITY","name":"openssl1","purl":"pkg:rpm/suse/openssl1&distro=SUSE%20Linux%20Enterprise%20Server%2011-SECURITY"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.1g-0.58.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for openssl1 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058)\n- adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908)\n- out of bounds read+crash in DES_fcrypt (bsc#1065363)\n- DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825)\n- Missing important ciphers in openssl 1.0.1i-47.1 (bsc#990592)\n\nBug fixes:\n\n- support alternate root ca chains (bsc#1032261)\n- Require openssl1, so c_rehash1 is available during %post to hash the certificates (bsc#1057660)\n","id":"SUSE-SU-2017:2968-1","modified":"2017-11-09T17:18:45Z","published":"2017-11-09T17:18:45Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20172968-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027908"},{"type":"REPORT","url":"https://bugzilla.suse.com/1032261"},{"type":"REPORT","url":"https://bugzilla.suse.com/1055825"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056058"},{"type":"REPORT","url":"https://bugzilla.suse.com/1057660"},{"type":"REPORT","url":"https://bugzilla.suse.com/1065363"},{"type":"REPORT","url":"https://bugzilla.suse.com/990592"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3735"}],"related":["CVE-2017-3735"],"summary":"Security update for openssl1","upstream":["CVE-2017-3735"]}