1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4807-1] openssl security update

    From Salvatore Bonaccorso@21:1/5 to All on Tue Dec 8 16:30:02 2020
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4807-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 08, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openssl
    CVE ID : CVE-2020-1971

    David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function
    which could cause a NULL dereference, resulting in denial of service.

    Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt

    For the stable distribution (buster), this problem has been fixed in
    version 1.1.1d-0+deb10u4.

    We recommend that you upgrade your openssl packages.

    For the detailed security status of openssl please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/openssl

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl/PmNRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SrxA//cDd0JVO9bdkBLrjg3bh2ibaL7rZxWM2kDOZxQ9dTyuNKHXpk72EQN7bo YzYUOphu8Pea/v2E2bA0VzKka56lu1zmA1r2xXyZoK3YWoyVAdQe/AbrsNZh+k5U iZ9U5VeBNmb78vZqalFnecZBAhmPBmFKmE4yc7qhj+G1XGO+/yuRL8sBGpK3WKDX dj31X8+YlEfidj9LKj0mER1XpjaE7soWnmlFA8vI/cjBLnvWo4MyXUbicW2r028C KB/ACbp5BzXiZkcv45Dmk73Wp2GtMPamF3iL6VBNkEy5cBXvvD+WQCJLr87w+zHr Abvfz8UXvJnsD/qP7nEuQkMBDiZPeCIOe1lGtiNtU0oeDn1i9akVZ3pEtOf3azJ+ ZQRrxPY+qwWRenuf2CLBUzIzWh+9wUy3ZIOxSycBoqn1xN//EaZ38PNLpiYl2llM 1RyuvMn7jMo5Ow6keJ7ohIfY0FD3LNJId5Sf4EPfJHy/EAe/qSf+/WXXvLQAlMdg 0zkzBXSCHPlhOm4NgF+LuGqpyd10OK6O7C1eo2xejylohV1UJUXU+2CQfa2HQ0o4 eV5aYOsVEBPBIxedCd/XyVNCPrStetLhdP8kjASznPkIKcw1L7GW0SongEt6+7T+ csanRpBW+PoDRofOjop+zTAFesQLt/q7w2sjZCg2Wj/hEN6PeCs=
    =eV7T
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)