
DescriptionThe default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
314465

openssl (PTS)buster1.1.1n-0+deb10u3fixed
buster (security)1.1.1n-0+deb10u6fixed
bullseye (security)1.1.1n-0+deb11u5fixed
bookworm, bookworm (security)3.0.11-1~deb12u2fixed
sid, trixie3.2.1-3fixed

