Release date:
2026-04-02 16:08:59 UTC
Description:
* SECURITY UPDATE: excessive time spent in DH check/generation with large Q
- debian/patches/openssl-1.1.1-cve-2023-5678.patch: add bounds checks for
excessively large Q parameter in DH_check_pub_key() and DH_generate_key()
- CVE-2023-5678
* SECURITY UPDATE: PKCS12 decoding crashes due to NULL pointer dereference
- debian/patches/openssl-1.1.1-cve-2024-0727.patch: add NULL checks where
ContentInfo data can be NULL in PKCS12/PKCS7 parsing functions
- CVE-2024-0727
Updated packages:
-
alt-openssl_1.1.1w-3.2_amd64.deb
sha:5ff2eed6aa134df960b41210ba787b067d9ccf0b
-
alt-openssl-dev_1.1.1w-3.2_amd64.deb
sha:8ff22907b0ca036a47b9cddddfd01b4790f1d949
-
alt-openssl-doc_1.1.1w-3.2_all.deb
sha:53222a1439033e75390a2b57da1c4286f3af46e4
-
alt-openssl-libs_1.1.1w-3.2_amd64.deb
sha:84e501788bf0df0ea6db2dbfe8d9b1109a8e8333
-
alt-openssl_1.1.1w-3.2_arm64.deb
sha:e3ce03d50ee18fff4f99196bb520c603593420d4
-
alt-openssl-dev_1.1.1w-3.2_arm64.deb
sha:4ea69baa66298396c5e73af47298f8ec64e2ef4c
-
alt-openssl-doc_1.1.1w-3.2_all.deb
sha:53222a1439033e75390a2b57da1c4286f3af46e4
-
alt-openssl-libs_1.1.1w-3.2_arm64.deb
sha:6400860155919db52f0044c26cd5c03282df7d18
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
