[ubuntu/focal-updates] openssl 1.1.1f-1ubuntu2.21 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon Feb 5 11:28:23 UTC 2024

openssl (1.1.1f-1ubuntu2.21) focal-security; urgency=medium

  * SECURITY UPDATE: Excessive time spent in DH check / generation with
    large Q parameter value
    - debian/patches/CVE-2023-5678.patch: make DH_check_pub_key() and
      DH_generate_key() safer yet in crypto/dh/dh_check.c,
      crypto/dh/dh_err.c, crypto/dh/dh_key.c, crypto/err/openssl.txt,
      include/openssl/dh.h, include/openssl/dherr.h.
    - CVE-2023-5678
  * SECURITY UPDATE: PKCS12 Decoding crashes
    - debian/patches/CVE-2024-0727.patch: add NULL checks where ContentInfo
      data can be NULL in crypto/pkcs12/p12_add.c,
      crypto/pkcs12/p12_mutl.c, crypto/pkcs12/p12_npas.c,
    - CVE-2024-0727

Date: 2024-02-01 12:04:13.326365+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list