Information on source package openssl

Available versions

| Release | Version |
|---|---|
| squeeze | 0.9.8o-4squeeze14 |
| squeeze (security) | 0.9.8o-4squeeze14 |
| squeeze (lts) | 0.9.8o-4squeeze20 |
| wheezy | 1.0.1e-2+deb7u13 |
| wheezy (security) | 1.0.1e-2+deb7u16 |
| jessie | 1.0.1k-3 |
| stretch | 1.0.2a-1 |
| sid | 1.0.2a-1 |

Open issues

| Bug | squeeze | squeeze (security) | squeeze (lts) | wheezy | wheezy (security) | jessie | stretch | sid | Description |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2015-0293 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ... |
| CVE-2015-0292 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | Integer underflow in the EVP_DecodeUpdate function in ... |
| CVE-2015-0289 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ... |
| CVE-2015-0288 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL ... |
| CVE-2015-0287 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL ... |
| CVE-2015-0286 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before ... |
| CVE-2015-0209 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | Use-after-free vulnerability in the d2i_ECPrivateKey function in ... |
| CVE-2015-0204 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before ... |
| CVE-2014-8275 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k ... |
| CVE-2014-3572 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before ... |
| CVE-2014-3571 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k ... |
| CVE-2014-3570 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before ... |
| CVE-2014-3569 | vulnerable | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, ... |
| CVE-2014-3568 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j ... |
| CVE-2014-3567 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL ... |
| CVE-2014-3566 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ... |
| CVE-2014-3510 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ... |
| CVE-2014-3508 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ... |
| CVE-2014-3507 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 ... |
| CVE-2014-3506 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ... |
| CVE-2014-3505 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Double free vulnerability in d1_both.c in the DTLS implementation in ... |
| CVE-2014-3470 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ... |
| CVE-2014-0224 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h ... |
| CVE-2014-0221 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ... |
| CVE-2014-0195 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ... |
| CVE-2014-0076 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The Montgomery ladder implementation in OpenSSL through 1.0.0l does ... |
| CVE-2012-4929 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ... |

Open unimportant issues

| Bug | squeeze | squeeze (security) | squeeze (lts) | wheezy | wheezy (security) | jessie | stretch | sid | Description |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2011-4577 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ... |
| CVE-2010-0928 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx ... |
| CVE-2010-0742 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | The Cryptographic Message Syntax (CMS) implementation in ... |
| CVE-2007-6755 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The NIST SP 800-90A default statement of the Dual Elliptic Curve ... |

Resolved issues

| Bug | Description |
|---|---|
| CVE-2015-1787 | The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL ... |
| CVE-2015-0291 | The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ... |
| CVE-2015-0290 | The multi-block feature in the ssl3_write_bytes function in s3_pkt.c ... |
| CVE-2015-0285 | The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before ... |
| CVE-2015-0208 | The ASN.1 signature-verification implementation in the rsa_item_verify ... |
| CVE-2015-0207 | The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a ... |
| CVE-2015-0206 | Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ... |
| CVE-2015-0205 | The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before ... |
| CVE-2014-5139 | The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 ... |
| CVE-2014-3513 | Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 ... |
| CVE-2014-3512 | Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP ... |
| CVE-2014-3511 | The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 ... |
| CVE-2014-3509 | Race condition in the ssl_parse_serverhello_tlsext function in ... |
| CVE-2014-2234 | A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier ... |
| CVE-2014-0198 | The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, ... |
| CVE-2014-0160 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before ... |
| CVE-2013-6450 | The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l ... |
| CVE-2013-6449 | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before ... |
| CVE-2013-4353 | The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before ... |
| CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as ... |
| CVE-2013-0166 | OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d ... |
| CVE-2012-2686 | crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the ... |
| CVE-2012-2333 | Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and ... |
| CVE-2012-2131 | Multiple integer signedness errors in crypto/buffer/buffer.c in ... |
| CVE-2012-2110 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL ... |
| CVE-2012-1165 | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL ... |
| CVE-2012-0884 | The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 ... |
| CVE-2012-0050 | OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, ... |
| CVE-2012-0027 | The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle ... |
| CVE-2011-5095 | The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ... |
| CVE-2011-4619 | The Server Gated Cryptography (SGC) implementation in OpenSSL before ... |
| CVE-2011-4576 | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before ... |
| CVE-2011-4354 | crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as ... |
| CVE-2011-4109 | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when ... |
| CVE-2011-4108 | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ... |
| CVE-2011-3210 | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ... |
| CVE-2011-3207 | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not ... |
| CVE-2011-1945 | The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ... |
| CVE-2011-0014 | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ... |
| CVE-2010-5298 | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL ... |
| CVE-2010-4252 | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ... |
| CVE-2010-4180 | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ... |
| CVE-2010-3864 | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ... |
| CVE-2010-2939 | Double free vulnerability in the ssl3_get_key_exchange function in the ... |
| CVE-2010-1633 | RSA verification recovery in the EVP_PKEY_verify_recover function in ... |
| CVE-2010-1378 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly ... |
| CVE-2010-0740 | The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ... |
| CVE-2010-0433 | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before ... |
| CVE-2009-5146 | memory leak in hostname TLS extension |
| CVE-2009-4355 | Memory leak in the zlib_stateful_finish function in ... |
| CVE-2009-3555 | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ... |
| CVE-2009-3245 | OpenSSL before 0.9.8m does not check for a NULL return value from ... |
| CVE-2009-2409 | The Network Security Services (NSS) library before 3.12.3, as used in ... |
| CVE-2009-1387 | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in ... |
| CVE-2009-1386 | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ... |
| CVE-2009-1379 | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment ... |
| CVE-2009-1378 | Multiple memory leaks in the dtls1_process_out_of_seq_message function ... |
| CVE-2009-1377 | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ... |
| CVE-2009-0789 | OpenSSL before 0.9.8k on WIN64 and certain other platforms does not ... |
| CVE-2009-0653 | OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ... |
| CVE-2009-0591 | The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ... |
| CVE-2009-0590 | The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows ... |
| CVE-2008-7270 | OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ... |
| CVE-2008-5077 | OpenSSL 0.9.8i and earlier does not properly check the return value ... |
| CVE-2008-1672 | OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of ... |
| CVE-2008-0891 | Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS ... |
| CVE-2008-0166 | OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based ... |
| CVE-2007-5135 | Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL ... |
| CVE-2007-4995 | Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before ... |
| CVE-2007-3108 | The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL ... |
| CVE-2006-7250 | The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ... |
| CVE-2006-4343 | The get_server_hello function in the SSLv2 client code in OpenSSL ... |
| CVE-2006-4339 | OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ... |
| CVE-2006-3738 | Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL ... |
| CVE-2006-2940 | OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ... |
| CVE-2006-2937 | OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote ... |
| CVE-2005-2969 | The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and ... |
| CVE-2005-2946 | The default configuration on OpenSSL before 0.9.8 uses MD5 for ... |
| CVE-2004-0975 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 ... |
| CVE-2004-0112 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, ... |
| CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message ... |
| CVE-2004-0079 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and ... |
| CVE-2003-0545 | Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to ... |
| CVE-2003-0544 | OpenSSL 0.9.6 and 0.9.7 does not properly track the number of ... |
| CVE-2003-0543 | Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to ... |
| CVE-2003-0147 | OpenSSL does not use RSA blinding by default, which allows local and ... |
| CVE-2003-0131 | The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and ... |
| CVE-2003-0078 | ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before ... |
| CVE-2002-1568 | OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks ... |
| CVE-2002-0659 | The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ... |
| CVE-2002-0657 | Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos ... |
| CVE-2002-0656 | Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ... |
| CVE-2002-0655 | OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not ... |

Security announcements

| DSA / DLA | Description |
|---|---|
| DSA-3197-2 | openssl - regression update |
| DLA-177-1 | openssl - security update |
| DSA-3197-1 | openssl - security update |
| DSA-3125-1 | openssl - security update |
| DLA-132-1 | openssl - security update |
| DLA-81-1 | openssl - security update |
| DSA-3053-1 | openssl - security update |
| DSA-2998-1 | openssl - security update |
| DLA-33-1 | openssl - security update |
| DLA-0008-1 | openssl - security update |
| DSA-2950-1 | openssl - security update |
| DLA-0003-1 | openssl - security update |
| DSA-2931-1 | openssl - security update |
| DSA-2908-1 | openssl - security update |
| DSA-2896-1 | openssl - security update |
| DSA-2837-1 | openssl - programming error |
| DSA-2833-1 | openssl - several |
| DSA-2621-1 | openssl - several vulnerabilities |
| DSA-2475-1 | openssl - integer underflow |
| DSA-2454-2 | openssl - incomplete fix |
| DSA-2454-1 | openssl - multiple |
| DSA-2392-1 | openssl - out-of-bounds read |
| DSA-2390-1 | openssl - several |
| DSA-2343-1 | openssl - CA trust revocation |
| DSA-2309-1 | openssl - compromised certificate authority |
| DSA-2162-1 | openssl - invalid memory access |
| DSA-2141-1 | openssl - protocol design flaw |
| DSA-2125-1 | openssl - buffer overflow |
| DSA-2100-1 | openssl - double free |
| DSA-1970-1 | openssl - denial of service |
| DSA-1888-1 | openssl - cryptographic weakness |
| DSA-1763-1 | openssl openssl097 - denial of service |
| DSA-1701-1 | openssl openssl097 - cryptographic weakness |
| DSA-1571-1 | openssl - predictable random number generator |
| DSA-1379-1 | openssl - arbitrary code execution |
| DSA-1185-2 | openssl |
| DSA-1173-1 | openssl - cryptographic weakness |
| DSA-888-1 | openssl - cryptographic weakness |
| DSA-603-1 | openssl - insecure temporary file |
| DSA-465 | openssl - several vulnerabilities |
| DSA-393 | openssl - denial of service |
| DSA-288 | openssl - several vulnerabilities |
| DSA-253 | openssl - information leak |
| DSA-136 | openssl - multiple remote exploits |
