- openssl-1.1.1k-9.el8_7 ()
- 1.1.1k-14.el8_6
- 2024-10-16 12:05:12
- CVE CVE-2023-3446, CVSSv2 Score: 5.3
- Description:
Excessive time spent checking DH keys and parameters
- Patch: openssl/1.1.1k/openssl-1.1.1-cve-2023-3446.patch
- CVE CVE-2023-3446, CVSSv2 Score:
- Description:
- Patch: openssl/1.1.1k/openssl-1.1.1-cve-2023-3446-adapt.patch
- CVE CVE-2023-3817, CVSSv2 Score: 5.3
- Description:
Excessive time spent checking DH q parameter value
- Patch: openssl/1.1.1k/openssl-1.1.1-cve-2023-3817.patch
- CVE CVE-2023-5678, CVSSv2 Score: 7.5
- Description:
Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
- Patch: openssl/1.1.1k/openssl-1.1.1-cve-2023-5678.patch
- CVE CVE-2023-5678, CVSSv2 Score:
- Description:
- Patch: openssl/1.1.1k/openssl-1.1.1-cve-2023-5678-adapt.patch
- CVE CVE-2024-5535, CVSSv2 Score: 9.1
- Description:
Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application behaviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality.
- Patch: openssl/1.1.1k/openssl-1.1.1-fix-ssl-select-next-proto.patch