Ubuntu Security Notice 2459-1 - Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain handshakes. A remote attacker could possibly use this issue to downgrade to ECDH, removing forward secrecy from the ciphersuite. Various other issues were also addressed.
6f00b72626b6f68f0c06341bf3ac10a1e5f66a900767d453b7c8cff5bbe8ebf0