[CLSA-2024:1718639724] openssl: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2024-06-17 15:55:27 UTC
Description:
- CVE-2023-5678: Fix that DH_check_pub_key() and DH_generate_key() don't check large modulus - CVE-2023-3446: Fix that checking excessively long DH keys or parameters may be very slow.
Updated packages:
  • openssl-1.1.1g-15.el8.4.tuxcare.els11.x86_64.rpm
    sha:090395e3fd333098aecf534be1d556b87765f865
  • openssl-devel-1.1.1g-15.el8.4.tuxcare.els11.i686.rpm
    sha:a1070dd2359358e039037095bd0488454ef3b51d
  • openssl-devel-1.1.1g-15.el8.4.tuxcare.els11.x86_64.rpm
    sha:1b4980a4dab2aad53b83759a5ec1c99b0a252571
  • openssl-libs-1.1.1g-15.el8.4.tuxcare.els11.i686.rpm
    sha:cdd4f474828efd633c829a1b27c9e99484d65c5c
  • openssl-libs-1.1.1g-15.el8.4.tuxcare.els11.x86_64.rpm
    sha:19a02d0a48ea6967b54a710644dc68ddf2f04b2f
  • openssl-perl-1.1.1g-15.el8.4.tuxcare.els11.x86_64.rpm
    sha:933ecedced47fc88285eca34e44e1421f5d8bbdb
  • openssl-static-1.1.1g-15.el8.4.tuxcare.els11.x86_64.rpm
    sha:f4008d0faf859048df463f63863a7823c203c475
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.