An update that fixes two vulnerabilities is now available.
This update for bouncycastle fixes the following issues:
Security issues fixed:
- CVE-2018-1000613: Fix use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') (boo#1100694). - CVE-2017-13098: Fix against Bleichenbacher oracle when not using the lightweight APIs (boo#1072697).
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: