{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for openssl","title":"Title of the patch"},{"category":"description","text":"\nThis update for openssl fixes the following issues:\n\nOpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\nSeverity: High\n* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)\n\nSeverity: Low\n* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)\n* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n* OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)\n* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\nMore information can be found on: https://www.openssl.org/news/secadv/20160922.txt\n\nAlso following bugs were fixed:\n* update expired S/MIME certs (bsc#979475)\n* improve s390x performance (bsc#982745)\n* allow >= 64GB AESGCM transfers (bsc#988591)\n* fix crash in print_notice (bsc#998190)\n* resume reading from /dev/urandom when interrupted by a signal (bsc#995075)\n","title":"Description of the patch"},{"category":"details","text":"SUSE-SLE-SAP-12-2016-1386,SUSE-SLE-SERVER-12-2016-1386","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2387-1.json"},{"category":"self","summary":"URL for SUSE-SU-2016:2387-1","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20162387-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2016:2387-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2016-September/002288.html"},{"category":"self","summary":"SUSE Bug 979475","url":"https://bugzilla.suse.com/979475"},{"category":"self","summary":"SUSE Bug 982575","url":"https://bugzilla.suse.com/982575"},{"category":"self","summary":"SUSE Bug 982745","url":"https://bugzilla.suse.com/982745"},{"category":"self","summary":"SUSE Bug 983249","url":"https://bugzilla.suse.com/983249"},{"category":"self","summary":"SUSE Bug 988591","url":"https://bugzilla.suse.com/988591"},{"category":"self","summary":"SUSE Bug 990419","url":"https://bugzilla.suse.com/990419"},{"category":"self","summary":"SUSE Bug 993819","url":"https://bugzilla.suse.com/993819"},{"category":"self","summary":"SUSE Bug 994749","url":"https://bugzilla.suse.com/994749"},{"category":"self","summary":"SUSE Bug 994844","url":"https://bugzilla.suse.com/994844"},{"category":"self","summary":"SUSE Bug 995075","url":"https://bugzilla.suse.com/995075"},{"category":"self","summary":"SUSE Bug 995324","url":"https://bugzilla.suse.com/995324"},{"category":"self","summary":"SUSE Bug 995359","url":"https://bugzilla.suse.com/995359"},{"category":"self","summary":"SUSE Bug 995377","url":"https://bugzilla.suse.com/995377"},{"category":"self","summary":"SUSE Bug 998190","url":"https://bugzilla.suse.com/998190"},{"category":"self","summary":"SUSE Bug 999665","url":"https://bugzilla.suse.com/999665"},{"category":"self","summary":"SUSE Bug 999666","url":"https://bugzilla.suse.com/999666"},{"category":"self","summary":"SUSE Bug 999668","url":"https://bugzilla.suse.com/999668"},{"category":"self","summary":"SUSE CVE CVE-2016-2177 page","url":"https://www.suse.com/security/cve/CVE-2016-2177/"},{"category":"self","summary":"SUSE CVE CVE-2016-2178 page","url":"https://www.suse.com/security/cve/CVE-2016-2178/"},{"category":"self","summary":"SUSE CVE CVE-2016-2179 page","url":"https://www.suse.com/security/cve/CVE-2016-2179/"},{"category":"self","summary":"SUSE CVE CVE-2016-2180 page","url":"https://www.suse.com/security/cve/CVE-2016-2180/"},{"category":"self","summary":"SUSE CVE CVE-2016-2181 page","url":"https://www.suse.com/security/cve/CVE-2016-2181/"},{"category":"self","summary":"SUSE CVE CVE-2016-2182 page","url":"https://www.suse.com/security/cve/CVE-2016-2182/"},{"category":"self","summary":"SUSE CVE CVE-2016-2183 page","url":"https://www.suse.com/security/cve/CVE-2016-2183/"},{"category":"self","summary":"SUSE CVE CVE-2016-6302 page","url":"https://www.suse.com/security/cve/CVE-2016-6302/"},{"category":"self","summary":"SUSE CVE CVE-2016-6303 page","url":"https://www.suse.com/security/cve/CVE-2016-6303/"},{"category":"self","summary":"SUSE CVE CVE-2016-6304 page","url":"https://www.suse.com/security/cve/CVE-2016-6304/"},{"category":"self","summary":"SUSE CVE CVE-2016-6306 page","url":"https://www.suse.com/security/cve/CVE-2016-6306/"}],"title":"Security update for openssl","tracking":{"current_release_date":"2016-09-26T14:01:02Z","generator":{"date":"2016-09-26T14:01:02Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2016:2387-1","initial_release_date":"2016-09-26T14:01:02Z","revision_history":[{"date":"2016-09-26T14:01:02Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"openssl-doc-1.0.1i-27.21.1.noarch","product":{"name":"openssl-doc-1.0.1i-27.21.1.noarch","product_id":"openssl-doc-1.0.1i-27.21.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","product":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","product_id":"libopenssl1_0_0-1.0.1i-27.21.1.ppc64le"}},{"category":"product_version","name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","product":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","product_id":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le"}},{"category":"product_version","name":"openssl-1.0.1i-27.21.1.ppc64le","product":{"name":"openssl-1.0.1i-27.21.1.ppc64le","product_id":"openssl-1.0.1i-27.21.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"libopenssl1_0_0-1.0.1i-27.21.1.s390x","product":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.s390x","product_id":"libopenssl1_0_0-1.0.1i-27.21.1.s390x"}},{"category":"product_version","name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","product":{"name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","product_id":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x"}},{"category":"product_version","name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","product":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","product_id":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x"}},{"category":"product_version","name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","product":{"name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","product_id":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x"}},{"category":"product_version","name":"openssl-1.0.1i-27.21.1.s390x","product":{"name":"openssl-1.0.1i-27.21.1.s390x","product_id":"openssl-1.0.1i-27.21.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64","product":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64","product_id":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64"}},{"category":"product_version","name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","product":{"name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","product_id":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64"}},{"category":"product_version","name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","product":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","product_id":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64"}},{"category":"product_version","name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","product":{"name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","product_id":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64"}},{"category":"product_version","name":"openssl-1.0.1i-27.21.1.x86_64","product":{"name":"openssl-1.0.1i-27.21.1.x86_64","product_id":"openssl-1.0.1i-27.21.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12-LTSS","product":{"name":"SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"openssl-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64"},"product_reference":"openssl-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"openssl-doc-1.0.1i-27.21.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"},"product_reference":"openssl-doc-1.0.1i-27.21.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le"},"product_reference":"libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x"},"product_reference":"libopenssl1_0_0-1.0.1i-27.21.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x"},"product_reference":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le"},"product_reference":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x"},"product_reference":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x"},"product_reference":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64"},"product_reference":"libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"openssl-1.0.1i-27.21.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le"},"product_reference":"openssl-1.0.1i-27.21.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"openssl-1.0.1i-27.21.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x"},"product_reference":"openssl-1.0.1i-27.21.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"openssl-1.0.1i-27.21.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64"},"product_reference":"openssl-1.0.1i-27.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"openssl-doc-1.0.1i-27.21.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch"},"product_reference":"openssl-doc-1.0.1i-27.21.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"}]},"vulnerabilities":[{"cve":"CVE-2016-2177","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2177"}],"notes":[{"category":"general","text":"OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2177","url":"https://www.suse.com/security/cve/CVE-2016-2177"},{"category":"external","summary":"SUSE Bug 982575 for CVE-2016-2177","url":"https://bugzilla.suse.com/982575"},{"category":"external","summary":"SUSE Bug 999075 for CVE-2016-2177","url":"https://bugzilla.suse.com/999075"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2177","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"important"}],"title":"CVE-2016-2177"},{"cve":"CVE-2016-2178","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2178"}],"notes":[{"category":"general","text":"The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2178","url":"https://www.suse.com/security/cve/CVE-2016-2178"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-2178","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 983249 for CVE-2016-2178","url":"https://bugzilla.suse.com/983249"},{"category":"external","summary":"SUSE Bug 983519 for CVE-2016-2178","url":"https://bugzilla.suse.com/983519"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2178","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-2178"},{"cve":"CVE-2016-2179","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2179"}],"notes":[{"category":"general","text":"The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2179","url":"https://www.suse.com/security/cve/CVE-2016-2179"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-2179","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-2179","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2179","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-2179"},{"cve":"CVE-2016-2180","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2180"}],"notes":[{"category":"general","text":"The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the \"openssl ts\" command.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2180","url":"https://www.suse.com/security/cve/CVE-2016-2180"},{"category":"external","summary":"SUSE Bug 1003811 for CVE-2016-2180","url":"https://bugzilla.suse.com/1003811"},{"category":"external","summary":"SUSE Bug 990419 for CVE-2016-2180","url":"https://bugzilla.suse.com/990419"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2180","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"low"}],"title":"CVE-2016-2180"},{"cve":"CVE-2016-2181","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2181"}],"notes":[{"category":"general","text":"The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2181","url":"https://www.suse.com/security/cve/CVE-2016-2181"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-2181","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 994749 for CVE-2016-2181","url":"https://bugzilla.suse.com/994749"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-2181","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2181","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-2181"},{"cve":"CVE-2016-2182","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2182"}],"notes":[{"category":"general","text":"The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2182","url":"https://www.suse.com/security/cve/CVE-2016-2182"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-2182","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 993819 for CVE-2016-2182","url":"https://bugzilla.suse.com/993819"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-2182","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 995959 for CVE-2016-2182","url":"https://bugzilla.suse.com/995959"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-2182","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-2182"},{"cve":"CVE-2016-2183","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2183"}],"notes":[{"category":"general","text":"The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-2183","url":"https://www.suse.com/security/cve/CVE-2016-2183"},{"category":"external","summary":"SUSE Bug 1001912 for CVE-2016-2183","url":"https://bugzilla.suse.com/1001912"},{"category":"external","summary":"SUSE Bug 1024218 for CVE-2016-2183","url":"https://bugzilla.suse.com/1024218"},{"category":"external","summary":"SUSE Bug 1027038 for CVE-2016-2183","url":"https://bugzilla.suse.com/1027038"},{"category":"external","summary":"SUSE Bug 1034689 for CVE-2016-2183","url":"https://bugzilla.suse.com/1034689"},{"category":"external","summary":"SUSE Bug 1056614 for CVE-2016-2183","url":"https://bugzilla.suse.com/1056614"},{"category":"external","summary":"SUSE Bug 1171693 for CVE-2016-2183","url":"https://bugzilla.suse.com/1171693"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-2183","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 995359 for CVE-2016-2183","url":"https://bugzilla.suse.com/995359"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-2183"},{"cve":"CVE-2016-6302","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6302"}],"notes":[{"category":"general","text":"The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-6302","url":"https://www.suse.com/security/cve/CVE-2016-6302"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-6302","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-6302","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 995324 for CVE-2016-6302","url":"https://bugzilla.suse.com/995324"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-6302","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-6302"},{"cve":"CVE-2016-6303","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6303"}],"notes":[{"category":"general","text":"Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-6303","url":"https://www.suse.com/security/cve/CVE-2016-6303"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-6303","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2016-6303","url":"https://bugzilla.suse.com/1115893"},{"category":"external","summary":"SUSE Bug 994844 for CVE-2016-6303","url":"https://bugzilla.suse.com/994844"},{"category":"external","summary":"SUSE Bug 995377 for CVE-2016-6303","url":"https://bugzilla.suse.com/995377"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-6303","url":"https://bugzilla.suse.com/999665"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-6303"},{"cve":"CVE-2016-6304","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6304"}],"notes":[{"category":"general","text":"Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-6304","url":"https://www.suse.com/security/cve/CVE-2016-6304"},{"category":"external","summary":"SUSE Bug 1001706 for CVE-2016-6304","url":"https://bugzilla.suse.com/1001706"},{"category":"external","summary":"SUSE Bug 1003811 for CVE-2016-6304","url":"https://bugzilla.suse.com/1003811"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-6304","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 1005579 for CVE-2016-6304","url":"https://bugzilla.suse.com/1005579"},{"category":"external","summary":"SUSE Bug 1021375 for CVE-2016-6304","url":"https://bugzilla.suse.com/1021375"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-6304","url":"https://bugzilla.suse.com/999665"},{"category":"external","summary":"SUSE Bug 999666 for CVE-2016-6304","url":"https://bugzilla.suse.com/999666"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"moderate"}],"title":"CVE-2016-6304"},{"cve":"CVE-2016-6306","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6306"}],"notes":[{"category":"general","text":"The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]},"references":[{"category":"external","summary":"CVE-2016-6306","url":"https://www.suse.com/security/cve/CVE-2016-6306"},{"category":"external","summary":"SUSE Bug 1004104 for CVE-2016-6306","url":"https://bugzilla.suse.com/1004104"},{"category":"external","summary":"SUSE Bug 999665 for CVE-2016-6306","url":"https://bugzilla.suse.com/999665"},{"category":"external","summary":"SUSE Bug 999668 for CVE-2016-6306","url":"https://bugzilla.suse.com/999668"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.s390x","SUSE Linux Enterprise Server 12-LTSS:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:openssl-doc-1.0.1i-27.21.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:libopenssl1_0_0-hmac-32bit-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-1.0.1i-27.21.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12:openssl-doc-1.0.1i-27.21.1.noarch"]}],"threats":[{"category":"impact","date":"2016-09-26T14:01:02Z","details":"low"}],"title":"CVE-2016-6306"}]}