UbuntuUpdates.org

Bugs fixes in "openssl"

Origin Bug number Title Date fixed
CVE CVE-2024-12797 Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authent ... 2025-02-12
CVE CVE-2024-13176 Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ 2025-02-12
CVE CVE-2024-9143 Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem 2025-02-12
CVE CVE-2024-12797 Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authent ... 2025-02-11
CVE CVE-2024-13176 Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ 2025-02-11
CVE CVE-2024-9143 Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem 2025-02-11
CVE CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con 2024-07-31
CVE CVE-2024-4741 Use After Free with SSL_free_buffers 2024-07-31
CVE CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta 2024-07-31
CVE CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con 2024-07-31
CVE CVE-2024-4741 Use After Free with SSL_free_buffers 2024-07-31
CVE CVE-2024-4603 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param 2024-07-31
CVE CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta 2024-07-31
CVE CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con 2024-07-31
CVE CVE-2024-4741 Use After Free with SSL_free_buffers 2024-07-31
CVE CVE-2024-4603 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param 2024-07-31
CVE CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta 2024-07-31
CVE CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con 2024-07-31
CVE CVE-2024-4741 Use After Free with SSL_free_buffers 2024-07-31
CVE CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta 2024-07-31



About   -   Send Feedback to @ubuntu_updates