Debian Security Advisory 3773-1

Debian Security Advisory 3773-1: Posted Jan 30, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3773-1 - Several vulnerabilities were discovered in OpenSSL.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2016-7056, CVE-2016-8610, CVE-2017-3731; SHA-256 | 01bd6a88895c0b06c9b01d6c418869bc5ad658b8207b7d6490fcf993610bde45; Download | Favorite | View

Debian Security Advisory 3773-1


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3773-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 27, 2017                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
CVE ID         : CVE-2016-7056 CVE-2016-8610 CVE-2017-3731

Several vulnerabilities were discovered in OpenSSL:
      
CVE-2016-7056

    A local timing attack was discovered against ECDSA P-256.

CVE-2016-8610

    It was discovered that no limit was imposed on alert packets during
    an SSL handshake.

CVE-2017-3731

    Robert Swiecki discovered that the RC4-MD5 cipher when running on
    32 bit systems could be forced into an out-of-bounds read, resulting
    in denial of service.

For the stable distribution (jessie), these problems have been fixed in
version 1.0.1t-1+deb8u6.

For the unstable distribution (sid), these problems have been fixed in
version 1.1.0d-1 of the openssl source package and in version 1.0.2k-1
of the openssl1.0 source package.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAliLo/kACgkQEMKTtsN8
TjZTrA/+OyKEr6KnRgToU5LzrXyOQRTW9UgAD9jl0gjDbLiWQRb4SqsBUGHAqHWY
K2Hmo6HgN+gr0rLQnk09ivv7ND8FmdxuONbaHvllNKa8JnD9AByusAODhkI4bJLV
FWy5uGS2L/vrs79g1GtZiCyXdwBFGLZArf4rzRNmbBJfMhm8Wll+rMVEiRNXV67U
xvi3sVBcrNO9PfD/c+BTaVwvMNMkHb9hnTNUbeVSCSPlnik3uSS2UNtwUdBNZzKb
vnVVMWK7mj6+OuDT5rksYsBKhsyzRoY+ehxHiWCV2PvYoXpeHxDgezkT/6LWFb+o
R7jyjsrB8cglSnIn/7dpCJePIhY9k+Lpx9WmsQ3XROp1BMpDVqepb82cWy1PCDdu
1AL2lHbv6A2ST1tw1rli08napxXSjEebKvFzg8/Hd5yuBEUPe92wQWAjzjYcpPtJ
vlseoNIB5YvVS8+UKr5bhYYp43nNFgP47b+z16xrAbxrDrWl+DnYAzCFyuoypLU9
rFUnPyWfF9dcI5LsAMXgbnozw5PlxPjMc6vs305SwGlTVw6+o81obM4YEGRjU7gS
8jcGERUFBW62RyulmAhp8TAFgqcUpKWbvPAkbe/rQvNK1JEy4xT/xt9Z+AVu8y2s
Xz2Xd4ZN9pdvBvvXZqw3MZfV0e4KhMd0eFyVcAgBgLAbu8kTJjI=
=7Jwc
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 252 files
Ubuntu 107 files
indoushka 20 files
Debian 19 files
Gentoo 14 files
Google Security Research 13 files
CraCkEr 11 files
Mirabbas Agalarov 9 files
nu11secur1ty 8 files
Apple 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,754)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,838)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,356)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,642)
UNIX (9,244)
UnixWare (186)
Windows (6,555)
Other

Debian Security Advisory 3773-1

Debian Security Advisory 3773-1

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3773-1

Share This

Debian Security Advisory 3773-1

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems