[CLSA-2024:1708638837] Fix CVE(s): CVE-2023-5678

Type:

security

Severity:

Moderate

Release date:

2024-02-22 21:54:00 UTC

Description:

   * SECURITY UPDATE: Denial of service could be encountered when generating
     excessively long DH keys or checking excessively long DH keys
     or parameters.
     - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and
       DH_generate_key() safer yet.
     - CVE-2023-5678.

Updated packages:

libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb
sha:25a41b65214418b27a0166c52017a1cd23ebfdd9
libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_all.deb
sha:3be7d013a04143d3309ccbc1df10903906c40cd0
libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb
sha:1b1fd2fce4ade6d908e0256face04f4fa891afa3
openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb
sha:e6768efbf4e8627d027c59593f4516a61505fde9

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.