SUSE Security Announcement - This is the SUSE-SU-403 Forbidden-1 security update for OpenSSL. This update improves the ClientHello handshake message parsing function. Prior to this update is was possible that this function reads beyond the end of a message leading to invalid memory access and a crash. Under some circumstances it was possible that information from the OCSP extensions was disclosed.
50c52c2e0fdd8eb6b1d4dd0b903981e171646d9fea43adee0e5936425186a5bb