UbuntuUpdates.org

Package "erlang"

Name: erlang

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Erlang/OTP modules for ASN.1 support
  • Erlang/OTP virtual machine and base applications
  • Erlang/OTP cryptographic modules
  • Erlang/OTP development libraries and headers

Latest version: 1:24.2.1+dfsg-1ubuntu0.1
Release: jammy (22.04)
Level: updates
Repository: main

Links



Other versions of "erlang" in Jammy

Repository Area Version
base main 1:24.2.1+dfsg-1
base universe 1:24.2.1+dfsg-1
security main 1:24.2.1+dfsg-1ubuntu0.1
security universe 1:24.2.1+dfsg-1ubuntu0.1
updates universe 1:24.2.1+dfsg-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:24.2.1+dfsg-1ubuntu0.1 2023-05-08 11:07:12 UTC

  erlang (1:24.2.1+dfsg-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: SSL, TLS and DTLS client authentication bypass
    - d/p/CVE-2022-37026-1.patch: fix handling of unexpected
      messages. Based on upstream patch.
    - d/p/CVE-2022-37026-2.patch: correct guard check. Based on upstream
      patch.
    - CVE-2022-37026

 -- Alex Murray <email address hidden> Wed, 26 Apr 2023 10:44:55 +0200

CVE-2022-37026 In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification



About   -   Send Feedback to @ubuntu_updates