This update for libressl to version 2.8.0 fixes the following issues:
Security issues fixed:
- CVE-2018-12434: Avoid a timing side-channel leak when generating DSA and
ECDSA signatures. (boo#1097779)
- Reject excessively large primes in DH key generation.
- CVE-2018-8970: Fixed a bug in int_x509_param_set_hosts, calling strlen()
if name length provided is 0 to match the OpenSSL behaviour.
(boo#1086778)
- Fixed an out-of-bounds read and crash in DES-fcrypt (boo#1065363)
You can find a detailed list of changes
[here](<a href=“https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.0-relnotes”>https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.0-relnotes</a>
.txt).