Univention Bugzilla – Bug 54565
openssl: Multiple issues (4.4)
Last modified: 2022-03-17 15:31:15 CET
New Debian openssl 1.1.0l-1~deb9u5 fixes: This update addresses the following issues: * Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551) * Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/openssl_1.1.0l-1~deb9u4.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/openssl_1.1.0l-1~deb9u5.dsc @@ -1,3 +1,9 @@ +1.1.0l-1~deb9u5 [Thu, 17 Mar 2022 08:12:13 +0100] Emilio Pozuelo Monfort <pochu@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2019-1551: overflow in the x64_64 Montgomery squaring procedure. + * CVE-2022-0778: infinite loop in BN_mod_sqrt. + 1.1.0l-1~deb9u4 [Sun, 26 Sep 2021 19:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/4.4-8/#6118916832764775763>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] f1f5abcd9b Bug #54565: openssl 1.1.0l-1~deb9u5 doc/errata/staging/openssl.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1203>