UbuntuUpdates.org

Package "openssl1.0"

Name: openssl1.0

Description:

Secure Sockets Layer toolkit 1.0 - cryptographic utility
Latest version: 1.0.2n-1ubuntu5.13
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: https://www.openssl.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openssl1.0"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "openssl1.0" in Bionic

Repository Area Version
base universe 1.0.2n-1ubuntu5
security main 1.0.2n-1ubuntu5.13
updates universe 1.0.2n-1ubuntu5.13
updates main 1.0.2n-1ubuntu5.13

Changelog

Version: 1.0.2n-1ubuntu5.13 2023-05-30 15:06:58 UTC

  openssl1.0 (1.0.2n-1ubuntu5.13) bionic-security; urgency=medium

  * SECURITY UPDATE: Possible DoS translating ASN.1 object identifiers
    - debian/patches/CVE-2023-2650.patch: restrict the size of OBJECT
      IDENTIFIERs that OBJ_obj2txt will translate in
      crypto/objects/obj_dat.c.
    - CVE-2023-2650

 -- Marc Deslauriers <email address hidden> Wed, 24 May 2023 15:52:46 -0400
Source diff to previous version
CVE-2023-2650 openssl Possible DoS translating ASN.1 object identifiers

Version: 1.0.2n-1ubuntu5.12 2023-04-25 14:07:07 UTC

  openssl1.0 (1.0.2n-1ubuntu5.12) bionic-security; urgency=medium

  * SECURITY UPDATE: excessive resource use when verifying policy constraints
    - debian/patches/CVE-2023-0464.patch: limit the number of nodes created in
      a policy tree (the default limit is set to 1000 nodes).
    - CVE-2023-0464
  * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates
    - debian/patches/CVE-2023-0465.patch: ensure that EXFLAG_INVALID_POLICY is
      checked even in leaf certs.
    - CVE-2023-0466
  * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy
    not enabled as documented
    - debian/patches/CVE-2023-0466.patch: fix documentation of
      X509_VERIFY_PARAM_add0_policy().
    - CVE-2023-0466

 -- Camila Camargo de Matos <email address hidden> Tue, 18 Apr 2023 14:26:49 -0300
Source diff to previous version
CVE-2023-0464 A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that includ

Version: 1.0.2n-1ubuntu5.11 2023-02-07 19:07:01 UTC

  openssl1.0 (1.0.2n-1ubuntu5.11) bionic-security; urgency=medium

  * SECURITY UPDATE: Use-after-free following BIO_new_NDEF
    - debian/patches/CVE-2023-0215.patch: fix a UAF resulting from a bug in
      BIO_new_NDEF in crypto/asn1/bio_ndef.c.
    - CVE-2023-0215
  * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName
    - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for
      x400Address in crypto/x509/v3_genn.c, crypto/x509v3/x509v3.h.
    - CVE-2023-0286

 -- Marc Deslauriers <email address hidden> Mon, 06 Feb 2023 12:57:17 -0500
Source diff to previous version
CVE-2023-0215 openssl: Use-after-free following BIO_new_NDEF
CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

Version: 1.0.2n-1ubuntu5.10 2022-06-21 15:06:20 UTC

  openssl1.0 (1.0.2n-1ubuntu5.10) bionic-security; urgency=medium

  * SECURITY UPDATE: c_rehash script allows command injection
    - debian/patches/CVE-2022-1292.patch: switch to upstream patch, and
      apply it before c_rehash-compat.patch.
    - debian/patches/CVE-2022-2068.patch: fix file operations in
      tools/c_rehash.in.
    - debian/patches/c_rehash-compat.patch: updated patch to apply after
      the security updates.
    - CVE-2022-2068

 -- Marc Deslauriers <email address hidden> Mon, 20 Jun 2022 13:34:16 -0400
Source diff to previous version
CVE-2022-1292 The c_rehash script does not properly sanitise shell metacharacters to ...
CVE-2022-2068 The c_rehash script allows command injection

Version: 1.0.2n-1ubuntu5.9 2022-05-04 17:06:19 UTC

  openssl1.0 (1.0.2n-1ubuntu5.9) bionic-security; urgency=medium

  * SECURITY UPDATE: c_rehash script allows command injection
    - debian/patches/CVE-2022-1292.patch: do not use shell to invoke
      openssl in tools/c_rehash.in.
    - CVE-2022-1292

 -- Marc Deslauriers <email address hidden> Wed, 04 May 2022 07:54:44 -0400
CVE-2022-1292 The c_rehash script does not properly sanitise shell metacharacters to ...


About   -   Send Feedback to @ubuntu_updates