Univention Bugzilla – Bug 49794
openssl: Multiple issues (4.3)
Last modified: 2019-07-10 14:00:16 CEST
New Debian openssl 1.1.0k-1~deb9u1 fixes: This update addresses the following issue: * ChaCha20-Poly1305 with long nonces (CVE-2019-1543)
--- mirror/ftp/4.3/unmaintained/4.3-3/source/openssl_1.1.0j-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/openssl_1.1.0k-1~deb9u1.dsc @@ -1,3 +1,8 @@ +1.1.0k-1~deb9u1 [Wed, 26 Jun 2019 18:59:20 +0200] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>: + + * Import 1.1.0k + - CVE-2019-1543 (Prevent over long nonces in ChaCha20-Poly1305) + 1.1.0j-1~deb9u1 [Wed, 28 Nov 2018 23:43:08 +0100] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>: * Import 1.1.0j <http://10.200.17.11/4.3-4/#7806052785146092476>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-4] b49e95f078 Bug #49794: openssl 1.1.0k-1~deb9u1 doc/errata/staging/openssl.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.3/544.html>