[CLSA-2024:1718639881] openssl: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2024-06-17 15:58:04 UTC
Description:
- CVE-2023-5678: Fix that DH_check_pub_key() and DH_generate_key() don't check large modulus - CVE-2023-3446: Fix that checking excessively long DH keys or parameters may be very slow.
Updated packages:
  • openssl-1.1.1k-5.el8.5.tuxcare.els10.x86_64.rpm
    sha:3a998057640c2145e69ced4374c23b485eb7634f
  • openssl-devel-1.1.1k-5.el8.5.tuxcare.els10.i686.rpm
    sha:1c72e9086f48ce4953513952a102fa7ce4acdad6
  • openssl-devel-1.1.1k-5.el8.5.tuxcare.els10.x86_64.rpm
    sha:12851fe9c497a6904af9bdf3e96032f8f6019ec9
  • openssl-libs-1.1.1k-5.el8.5.tuxcare.els10.i686.rpm
    sha:416885217ea42cf377e35bff1197351baeabd60b
  • openssl-libs-1.1.1k-5.el8.5.tuxcare.els10.x86_64.rpm
    sha:6a0ca917c4cf98fc49006751f671371681babb38
  • openssl-perl-1.1.1k-5.el8.5.tuxcare.els10.x86_64.rpm
    sha:5ce92add154e1e5a04005661c03dcd2c273b1be9
  • openssl-static-1.1.1k-5.el8.5.tuxcare.els10.x86_64.rpm
    sha:8de313e11fe45edc634e144874f37ea6a97d6855
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.