openssl-1.0.2l and libressl-2.6.2 are susceptible to an out-of-bounds read and crashes. https://marc.info/?l=openbsd-tech&m=150906184009035&w=2 So observed on Tumbleweed, and therefore very likely affects 42.2, 42.3 and SLE as well. openssl-1.1.0f has been found to not have the problem anymore. References: https://marc.info/?l=openbsd-tech&m=150906184009035&w=2 https://marc.info/?l=openbsd-tech&m=150906184009035&q=raw https://github.com/openssl/openssl/commit/6493e4801e9edbe1ad1e256d4ce9cd55c8aa2242#diff-bf594638aca419f471dd119cd22da58f @ Maintainer(s): Please confirm that only libressl-2.6.2 is vulnerable to this bug.
*** This bug has been marked as a duplicate of bug 636264 ***