Release date:
2022-05-31 15:33:10 UTC
Description:
* SECURITY UPDATE: Improper Neutralization
- debian/patches/CVE-2022-1292.patch: restrict using shell to invoke
openssl due to possible privilege escalation
- debian/patches/CVE-2022-1473.patch: fix bug OPENSSL_LH_flush() memory
releasing leading to DoS
- CVE-2022-1292
- CVE-2022-1473
Updated packages:
-
libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb
sha:97b0258b717db9ba916495b178063f2fb4498f68
-
libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els3_all.deb
sha:8d02efad2a81172b4c3f58760999a6158091f75e
-
libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb
sha:b54282ed0d3aa995973c710cfb93460ca883251f
-
openssl_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb
sha:b1cc08019cc3cefaae541c65407ed071e9074886
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
