Univention Bugzilla – Bug 44751
openssl: multiple issues (4.2)
Last modified: 2017-06-29 08:51:55 CEST
The openssl version in UCS 4.1 is affected by this issue: * Montgomery multiplication may produce incorrect results (CVE-2016-7055) * SSL/TLS SSL3_AL_WARNING undefined alert DoS (CVE-2016-8610) * Truncated packet could crash via OOB read (CVE-2017-3731) * BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
r80070 | Bug #44751: OpenSSL 1.0.2k See Bug #42925 comment 3 for more details
*** Bug 43934 has been marked as a duplicate of this bug. ***
Works
<http://errata.software-univention.de/ucs/4.2/45.html>
r80475 | Bug #44751 test: Skip EXPORT and LOW cipher test Package: ucs-test Version: 7.0.22-3A~4.2.0.201706261021 Branch: ucs_4.2-0 Scope: errata4.2-1