This update for compat-openssl098 fixes the following issues:
CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
Affected Packages
compat-openssl098
SUSE Linux Enterprise Module for Legacy 12SUSE Linux Enterprise Server for SAP Applications 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP3SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
0.9.8j-106.24.1
libopenssl0_9_8
SUSE Linux Enterprise Module for Legacy 12SUSE Linux Enterprise Server for SAP Applications 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP3SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5