Univention Bugzilla – Bug 53703
openssl: Multiple issues (5.0)
Last modified: 2021-08-25 17:53:12 CEST
New Debian openssl 1.1.1d-0+deb10u7 fixes: This update addresses the following issues: * SM2 Decryption Buffer Overflow (CVE-2021-3711) * Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
--- mirror/ftp/pool/main/o/openssl/openssl_1.1.1d-0+deb10u6.dsc +++ apt/ucs_5.0-0-errata5.0-0/source/openssl_1.1.1d-0+deb10u7.dsc @@ -1,3 +1,8 @@ +1.1.1d-0+deb10u7 [Tue, 24 Aug 2021 10:30:43 +0200] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>: + + * CVE-2021-3711 (SM2 Decryption Buffer Overflow). + * CVE-2021-3712 (Read buffer overruns processing ASN.1 strings). + 1.1.1d-0+deb10u6 [Tue, 23 Mar 2021 00:08:47 +0100] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>: * CVE-2021-3449 (NULL pointer deref in signature_algorithms processing). <http://piuparts.knut.univention.de/5.0-0/#7705374504377064423>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-0] c1c8e10411 Bug #53703: openssl 1.1.1d-0+deb10u7 doc/errata/staging/openssl.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x71>