1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5343-1] openssl security update

    From Salvatore Bonaccorso@21:1/5 to All on Tue Feb 7 22:10:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5343-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 07, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openssl
    CVE ID : CVE-2022-2097 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215
    CVE-2023-0286
    Debian Bug : 1023424

    Multiple vulnerabilities have been discovered in OpenSSL, a Secure
    Sockets Layer toolkit, which may result in incomplete encryption, side
    channel attacks, denial of service or information disclosure.

    Additional details can be found in the upstream advisories at https://www.openssl.org/news/secadv/20220705.txt and https://www.openssl.org/news/secadv/20230207.txt

    For the stable distribution (bullseye), these problems have been fixed in version 1.1.1n-0+deb11u4.

    We recommend that you upgrade your openssl packages.

    For the detailed security status of openssl please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/openssl

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPivONfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RBCA/+IqJ9qtjytulO41yPphASSEu22XVN9EYAUsdcpsTmnDtp1zUQSZpQv5qk 464Z2+0SkNtiHm5O5z5fs4LX0wXYBvLYrFnh2X2Z6rT+YFhXg8ZdEo+IysYSV7gB utbb1zbSqUSSLmlF/r6SnXy+HlTyB56p+k0MnLNHejes6DoghebZJGU6Dl5D8Z2J wOB6xi2sS3zVl1O+8//PPk5Sha8ESShuP/sBby01Xvpl65+8Icn7dXXHFNUn27rZ WdQCdxJaUJiqjZYzI5XAB+zHl8KNDiWP9MqIeT3g+YQ+nzSTeHxRPXDTDvClMv9y CJ90PaCY1DBNh5NrE2/IZkpIOKvTjRX3+db7Nab2GyRzLCP7p+1Bm14zHiKRHPOR t/6yX11diIF2zvlP/7qeCGkutv9KrFjSW81o1GgJMdt8uduHa95IgKNNUsA6Wf3O SkUP4EYfhXs2+TIfEenvqLuAmLsQBCRCvNDdmEGhtR4r0hpvcJ4eOaDBE6FWih1J i0mpDIjBYOV2iEUe85XfYflrcFfaxSwbl4ultH3Q3eWtiMwLgXqJ9dKRQEXJX7hp 48zKPwnftJbGBri9Y293sMjcpv3F/PTjXMh8LcUSVDkVVdQ8cLSmdmP4v4wSzV/q Z7KATUs6YAod4ts5u3/zD97Mzk0Xiecw/ggevbCfCvQTByk02Fg=
    =lXE/
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)