Ubuntu Security Notice USN-5710-1
Ubuntu Security Notice 5710-1 - It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were
tricked into signing a specially-crafted certificate, a remote attacker
could possibly use this issue to cause OpenSSL to crash, resulting in a
denial of service. The default compiler options for affected releases
reduce the vulnerability to a denial of service. It was discovered that
OpenSSL incorrectly handled applications creating custom ciphers via the
legacy EVP_CIPHER_meth_new function. This issue could cause certain applications that mishandled values to the function to possibly end up
with a NULL cipher and messages in plaintext.
https://packetstormsecurity.com/files/169684/USN-5710-1.txt
Tue, 01 Nov 2022 18:19:24 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com