Release date:
2026-04-02 16:02:17 UTC
Description:
* SECURITY UPDATE: excessive time spent in DH check/generation with large Q
- debian/patches/openssl-1.1.1-cve-2023-5678.patch: add bounds checks for
excessively large Q parameter in DH_check_pub_key() and DH_generate_key()
- CVE-2023-5678
* SECURITY UPDATE: PKCS12 decoding crashes due to NULL pointer dereference
- debian/patches/openssl-1.1.1-cve-2024-0727.patch: add NULL checks where
ContentInfo data can be NULL in PKCS12/PKCS7 parsing functions
- CVE-2024-0727
Updated packages:
-
alt-openssl_1.1.1w-3.2_amd64.deb
sha:a408e64860846ea01398792df0a0b465913590f7
-
alt-openssl-dev_1.1.1w-3.2_amd64.deb
sha:45c6a7f6ea63a882d53945897a2cdc2608f13035
-
alt-openssl-doc_1.1.1w-3.2_all.deb
sha:3107ff7ae160af93fd2d9abb75fc25007b628d52
-
alt-openssl-libs_1.1.1w-3.2_amd64.deb
sha:035d5fff1f9c36cc23c3bfdd216782b6cabaa524
-
alt-openssl_1.1.1w-3.2_arm64.deb
sha:c100b36d7ac85cc491172b9ffdbb87143e58855e
-
alt-openssl-dev_1.1.1w-3.2_arm64.deb
sha:ba339d6342cfb9e03d704f5ff272559dbe62bd0a
-
alt-openssl-doc_1.1.1w-3.2_all.deb
sha:3107ff7ae160af93fd2d9abb75fc25007b628d52
-
alt-openssl-libs_1.1.1w-3.2_arm64.deb
sha:9e0649b3d50b0c10000b58f463ddf80d0a6b4161
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
