Bugs fixes in "openssl"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-31790 | Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer t | 2026-04-09 |
| CVE | CVE-2026-31789 | Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impac | 2026-04-09 |
| CVE | CVE-2026-28390 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact | 2026-04-09 |
| CVE | CVE-2026-28389 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact sum | 2026-04-09 |
| CVE | CVE-2026-28388 | Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CR | 2026-04-09 |
| CVE | CVE-2026-28387 | Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA reco | 2026-04-09 |
| CVE | CVE-2026-31790 | Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer t | 2026-04-09 |
| CVE | CVE-2026-31789 | Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impac | 2026-04-09 |
| CVE | CVE-2026-28390 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact | 2026-04-09 |
| CVE | CVE-2026-28389 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact sum | 2026-04-09 |
| CVE | CVE-2026-28388 | Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CR | 2026-04-09 |
| CVE | CVE-2026-28387 | Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA reco | 2026-04-09 |
| CVE | CVE-2026-31790 | Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer t | 2026-04-09 |
| CVE | CVE-2026-31789 | Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impac | 2026-04-09 |
| CVE | CVE-2026-28390 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact | 2026-04-09 |
| CVE | CVE-2026-28389 | Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact sum | 2026-04-09 |
| CVE | CVE-2026-28388 | Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CR | 2026-04-09 |
| CVE | CVE-2026-28387 | Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA reco | 2026-04-09 |
| CVE | CVE-2026-2673 | Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration in | 2026-04-09 |
| Launchpad | 2137464 | crypto/ec/asm/ecp_nistp521-ppc64.pl output regex failure | 2026-04-09 |
About
-
Send Feedback to @ubuntu_updates
