Novell Home

CVE-2013-0166

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-0166 at MITRE

Description

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entries: 802648, 802746, 813366, 821818, 833408, 905106

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise for SAP Applications 11 SP1
  • compat-openssl097g >= 0.9.7g-146.20.24.1
  • compat-openssl097g-32bit >= 0.9.7g-146.20.24.1
Builds
SAT Patch Nr: 10032
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • openssl >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
  • openssl >= 0.9.8a-18.76.1
  • openssl-32bit >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
  • openssl-devel-32bit >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • openssl-doc >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Server 10 SP4 for x86
  • openssl >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
  • openssl-doc >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Server 10 SP4 for IPF
  • openssl >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
  • openssl-doc >= 0.9.8a-18.76.1
  • openssl-x86 >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
  • openssl >= 0.9.8a-18.76.1
  • openssl-64bit >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
  • openssl-devel-64bit >= 0.9.8a-18.76.1
  • openssl-doc >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
  • openssl >= 0.9.8a-18.76.1
  • openssl-32bit >= 0.9.8a-18.76.1
  • openssl-devel >= 0.9.8a-18.76.1
  • openssl-devel-32bit >= 0.9.8a-18.76.1
  • openssl-doc >= 0.9.8a-18.76.1
Builds
ZYPP Patch Nr: 8517
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libopenssl-devel >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Desktop 11 SP2
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Desktop 11 SP2
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Server 11 SP2
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac-x86 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-x86 >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Server 11 SP2
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7548
SUSE Linux Enterprise Desktop 11 SP3
  • compat-openssl097g >= 0.9.7g-146.20.24.1
Builds
SAT Patch Nr: 10033
SUSE Linux Enterprise Desktop 11 SP3
  • compat-openssl097g >= 0.9.7g-146.20.24.1
  • compat-openssl097g-32bit >= 0.9.7g-146.20.24.1
Builds
SAT Patch Nr: 10033
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for x86
  • openssl >= 0.9.7d-15.48
  • openssl-devel >= 0.9.7d-15.48
  • openssl-doc >= 0.9.7d-15.48
Builds
YOU Patch Nr: 12972
SUSE CORE 9 for IBM zSeries 64bit
  • openssl >= 0.9.7d-15.48
  • openssl-32bit >= 9-201308121642
  • openssl-devel >= 0.9.7d-15.48
  • openssl-devel-32bit >= 9-201308121642
  • openssl-doc >= 0.9.7d-15.48
Builds
YOU Patch Nr: 12972
SUSE CORE 9 for AMD64 and Intel EM64T
  • openssl >= 0.9.7d-15.48
  • openssl-32bit >= 9-201308121627
  • openssl-devel >= 0.9.7d-15.48
  • openssl-devel-32bit >= 9-201308121627
  • openssl-doc >= 0.9.7d-15.48
Builds
YOU Patch Nr: 12972
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • openssl >= 0.9.8a-18.45.69.1
  • openssl-devel >= 0.9.8a-18.45.69.1
  • openssl-doc >= 0.9.8a-18.45.69.1
Builds
ZYPP Patch Nr: 8528
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • openssl >= 0.9.8a-18.45.69.1
  • openssl-32bit >= 0.9.8a-18.45.69.1
  • openssl-devel >= 0.9.8a-18.45.69.1
  • openssl-devel-32bit >= 0.9.8a-18.45.69.1
  • openssl-doc >= 0.9.8a-18.45.69.1
Builds
ZYPP Patch Nr: 8528
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7564
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libopenssl0_9_8 >= 0.9.8j-0.50.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.50.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.50.1
  • openssl >= 0.9.8j-0.50.1
  • openssl-doc >= 0.9.8j-0.50.1
Builds
SAT Patch Nr: 7564

© 2014 Novell