Univention Bugzilla – Bug 45751
openssl: multiple issues (4.1)
Last modified: 2019-04-11 19:23:24 CEST
+++ This bug was initially created as a clone of Bug #45750 +++ The following issues have been reported as fixed in 1.0.2m: * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) We currently ship 1.0.2k which used to be in jesse-backports. Currently jessie-backports offers 1.0.2l, so cherrypicking patches would be required.
This issue has been filed against UCS 4.1. UCS 4.1 is out of maintenance and many UCS components have vastly changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen this issue. In this case please provide detailed information on how this issue is affecting you.