Gentoo Linux Security Advisory 202210-2 - Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in denial of service. Versions less than 1.1.1q are affected.
e8a24ea6bd3d06d9f7c4b981793ddc01bf27c0b5de50f88e95ea9d23d62c2456Red Hat Security Advisory 2022-6224-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a code execution vulnerability.
647502acba6e1f4ffdad854b5907359dbee61f52101031ae43a924968e013c02Ubuntu Security Notice 5402-2 - USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Aliaksei Levin discovered that OpenSSL incorrectly handled resources when decoding certificates and keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS.
38897d1c35ed3fd17bf48d11add588afe226f3e13ae49956791b9fd6a4337cd4Ubuntu Security Notice 5402-1 - Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS.
9f908328ff337686f5d5cffc66667d81dbd3b4ce35629e2bd3050e7444f1fd8bOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0bOpenSSL Security Advisory 20220503 - The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Other issues were also addressed.
da0a32c3df546638b4876fba11798d7c64bce5b0a32daab04ad8becaec7a0d51
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed