{"affected":[{"ecosystem_specific":{"binaries":[{"erlang":"18.3.4.7-9.1","erlang-debugger":"18.3.4.7-9.1","erlang-debugger-src":"18.3.4.7-9.1","erlang-dialyzer":"18.3.4.7-9.1","erlang-dialyzer-src":"18.3.4.7-9.1","erlang-diameter":"18.3.4.7-9.1","erlang-diameter-src":"18.3.4.7-9.1","erlang-doc":"18.3.4.7-9.1","erlang-epmd":"18.3.4.7-9.1","erlang-et":"18.3.4.7-9.1","erlang-et-src":"18.3.4.7-9.1","erlang-gs":"18.3.4.7-9.1","erlang-gs-src":"18.3.4.7-9.1","erlang-jinterface":"18.3.4.7-9.1","erlang-jinterface-src":"18.3.4.7-9.1","erlang-observer":"18.3.4.7-9.1","erlang-observer-src":"18.3.4.7-9.1","erlang-reltool":"18.3.4.7-9.1","erlang-reltool-src":"18.3.4.7-9.1","erlang-src":"18.3.4.7-9.1","erlang-wx":"18.3.4.7-9.1","erlang-wx-src":"18.3.4.7-9.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"erlang","purl":"pkg:rpm/suse/erlang&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"18.3.4.7-9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for erlang fixes security issues and bugs.\n\nThe following vulnerabilities were addressed:\n\n- CVE-2017-1000385: Harden against the Bleichenbacher attacher against RSA \n- CVE-2016-10253: Heap overflow through regular expressions (bsc#1030062)\n\nIn addition Erlang was updated to version 18.3.4.6, containing a number\nof upstream bug fixes and improvements.\n","id":"openSUSE-SU-2017:3255-1","modified":"2017-12-08T19:42:15Z","published":"2017-12-08T19:42:15Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1030062"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-10253"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-1000385"}],"related":["CVE-2016-10253","CVE-2017-1000385"],"summary":"Security update for erlang","upstream":["CVE-2016-10253","CVE-2017-1000385"]}