SUSE has issued an advisory on March 1: https://lists.suse.com/pipermail/sle-security-updates/2023-March/013955.html Note that this package should probably be getting dropped (Bug 26957). Mageia 8 is also affected.
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=26957Whiteboard: (none) => MGA8TOO
Neither cauldron nor mageia 8 are affected, they both use 2048 bits DH parameters: #ifdef USE_SSL_DH dh = get_dh2048(); SSL_CTX_set_tmp_dh(ctx, dh); DH_free(dh); #endif And the so-called alternative, NCPA, is still incompatible with our packaging standards.
Status: NEW => RESOLVEDResolution: (none) => INVALID