exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4855-1

Debian Security Advisory 4855-1
Posted Feb 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4855-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring procedure, an integer overflow in CipherUpdate and a NULL pointer dereference flaw X509_issuer_and_serial_hash() were found, which could result in denial of service.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2019-1551, CVE-2021-23840, CVE-2021-23841
SHA-256 | 97d32585c37fd8006093ec57a2913bfc6ae8b85626eb395c01aae4dc59e6947a

Debian Security Advisory 4855-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4855-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 17, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openssl
CVE ID : CVE-2019-1551 CVE-2021-23840 CVE-2021-23841
Debian Bug : 947949

Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring
procedure, an integer overflow in CipherUpdate and a NULL pointer
dereference flaw X509_issuer_and_serial_hash() were found, which could
result in denial of service.

Additional details can be found in the upstream advisories
https://www.openssl.org/news/secadv/20191206.txt and
https://www.openssl.org/news/secadv/20210216.txt .

For the stable distribution (buster), these problems have been fixed in
version 1.1.1d-0+deb10u5.

We recommend that you upgrade your openssl packages.

For the detailed security status of openssl please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/openssl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAtHDpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SYCg/9HRfTx/x8jaG8pn8kcPmUiSs+WkMBXmQeg97Gf6NLeflYczwtZ9MGWAAj
J9R72BqppoSGaI4MPgUQPRDRHclktJOxBkICyiYL35G18x0iFz352rfHegq9rzVe
VxJAXh3Xo6hA/SX046rjh+gJU63fgiE4Wy9T1D9y9A582FHfqhNFpEbWyzA871hG
nDFabpyvRltEC/XXu5pejqU9cguc4wF6pVjMffF1ikV6srAFPFO14v5aYYTWHEe1
D5cOUe6ckFIJBHYO4NEldlfRN1OVUZUMERQwjkfJ6RnwOxzN9dAdnhle+nqgeC7P
GwyVHTNIIhNOpjo24j0d13npJqdBvpXygG8TVDzRGm70SgMsizIm/b8ID9yzQjXH
45ziZZKLnLDDE55v62bUZ7KOe3DZYp/dElZ6mt/xKikC10GEOv1exsaB12s4LlDx
+7VF2U3nAer//G2LkGAPkbNAT1RC1uibnivyed3uHpUwFewE0fsdaoHtwFPPYDNp
Y7dyMI+SpAF1/6PW7kBqgHtyp9GAp2fcldV1uLmr9FKoBASvemkReHH1/eDzPqaA
xKzJ67vi9vX3IKtEz+T/EftZ5VDb/JW/f5EPsLNKjQJomRaQRr9EnYMVFCERVwvk
IMCzTgoed90pMSWyfO7BkywXMk4t14IeV9PhGVTfCrdpr4c2QC4=
=hM2Z
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close