View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-2108 severity important: SUSE including 61 source package names (compat-openssl097g-0.9.7g-146.22.44.1, compat-openssl097g-0.9.7g-146.22.50.1, …), 160 product×package rows across 40 product lines (Image SLES12-SP5-Azure-SAP-BYOS, Image SLES12-SP5-Azure-SAP-On-Demand, … (40 product lines)): Fixed 160.
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.