7802 moderate openSUSE Leap 42.3 Update This update for mbedtls fixes the following issues: - CVE-2018-0487: Fixed a buffer overflow in RSASSA-PSS signature verification, which allowed remote attackers to execute arbitrary code or cause a denial of service via a crafted certificate chain. (boo#1080826) - CVE-2018-0488: Fixed a heap vulnerability, which allowed remote attackers to execute arbitrary code or cause a DoS via a crafted application packet when the truncated HMAC extension and CBC are used. (boo#1080828) - CVE-2017-18187: Fixed bound check in ssl_parse_client_psk_identity(), which might lead to an overflow. (boo#1080973) libmbedtls9-1.3.19-21.1.i586.rpm libmbedtls9-32bit-1.3.19-21.1.x86_64.rpm libmbedtls9-debuginfo-1.3.19-21.1.i586.rpm libmbedtls9-debuginfo-32bit-1.3.19-21.1.x86_64.rpm mbedtls-1.3.19-21.1.src.rpm mbedtls-debugsource-1.3.19-21.1.i586.rpm mbedtls-devel-1.3.19-21.1.i586.rpm libmbedtls9-1.3.19-21.1.x86_64.rpm libmbedtls9-debuginfo-1.3.19-21.1.x86_64.rpm mbedtls-debugsource-1.3.19-21.1.x86_64.rpm mbedtls-devel-1.3.19-21.1.x86_64.rpm