8655 moderate openSUSE Leap 42.3 Update This update for libressl to version 2.8.0 fixes the following issues: Security issues fixed: - CVE-2018-12434: Avoid a timing side-channel leak when generating DSA and ECDSA signatures. (boo#1097779) - Reject excessively large primes in DH key generation. - CVE-2018-8970: Fixed a bug in int_x509_param_set_hosts, calling strlen() if name length provided is 0 to match the OpenSSL behaviour. (boo#1086778) - Fixed an out-of-bounds read and crash in DES-fcrypt (boo#1065363) You can find a detailed list of changes [here](https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.0-relnotes.txt). libcrypto43-2.8.0-11.1.i586.rpm libcrypto43-32bit-2.8.0-11.1.x86_64.rpm libcrypto43-debuginfo-2.8.0-11.1.i586.rpm libcrypto43-debuginfo-32bit-2.8.0-11.1.x86_64.rpm libressl-2.8.0-11.1.i586.rpm libressl-2.8.0-11.1.src.rpm libressl-debuginfo-2.8.0-11.1.i586.rpm libressl-debugsource-2.8.0-11.1.i586.rpm libressl-devel-2.8.0-11.1.i586.rpm libressl-devel-32bit-2.8.0-11.1.x86_64.rpm libressl-devel-doc-2.8.0-11.1.noarch.rpm libssl45-2.8.0-11.1.i586.rpm libssl45-32bit-2.8.0-11.1.x86_64.rpm libssl45-debuginfo-2.8.0-11.1.i586.rpm libssl45-debuginfo-32bit-2.8.0-11.1.x86_64.rpm libtls17-2.8.0-11.1.i586.rpm libtls17-32bit-2.8.0-11.1.x86_64.rpm libtls17-debuginfo-2.8.0-11.1.i586.rpm libtls17-debuginfo-32bit-2.8.0-11.1.x86_64.rpm libcrypto43-2.8.0-11.1.x86_64.rpm libcrypto43-debuginfo-2.8.0-11.1.x86_64.rpm libressl-2.8.0-11.1.x86_64.rpm libressl-debuginfo-2.8.0-11.1.x86_64.rpm libressl-debugsource-2.8.0-11.1.x86_64.rpm libressl-devel-2.8.0-11.1.x86_64.rpm libssl45-2.8.0-11.1.x86_64.rpm libssl45-debuginfo-2.8.0-11.1.x86_64.rpm libtls17-2.8.0-11.1.x86_64.rpm libtls17-debuginfo-2.8.0-11.1.x86_64.rpm