Information on source package openssl1.0

Available versions

ReleaseVersion
stretch1.0.2r-1~deb9u1
stretch (security)1.0.2s-1~deb9u1

Resolved issues

BugDescription
CVE-2019-1559If an application encounters a fatal protocol error and then calls SSL ...
CVE-2019-1552OpenSSL has internal defaults for a directory tree where it can find a ...
CVE-2019-1543ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...
CVE-2018-5407Simultaneous Multi-threading (SMT) in processors can enable local user ...
CVE-2018-0739Constructed ASN.1 types with a recursive definition (such as can be fo ...
CVE-2018-0737The OpenSSL RSA Key generation algorithm has been shown to be vulnerab ...
CVE-2018-0735The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...
CVE-2018-0734The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...
CVE-2018-0733Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...
CVE-2018-0732During key agreement in a TLS handshake using a DH(E) based ciphersuit ...
CVE-2017-3738There is an overflow bug in the AVX2 Montgomery multiplication procedu ...
CVE-2017-3737OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error stat ...
CVE-2017-3736There is a carry propagating bug in the x86_64 Montgomery squaring pro ...
CVE-2017-3735While parsing an IPAddressFamily extension in an X.509 certificate, it ...
CVE-2017-3733During a renegotiation handshake if the Encrypt-Then-Mac extension is ...
CVE-2017-3732There is a carry propagating bug in the x86_64 Montgomery squaring pro ...
CVE-2017-3731If an SSL/TLS server or client is running on a 32-bit host, and a spec ...
CVE-2017-3730In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad par ...
CVE-2016-7056A timing attack flaw was found in OpenSSL 1.0.1u and before that could ...
CVE-2016-7055There is a carry propagating bug in the Broadwell-specific Montgomery ...
CVE-2016-7054In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1 ...
CVE-2016-7053In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS struc ...

Security announcements

DSA / DLADescription
DSA-4400-1openssl1.0 - security update
DSA-4355-1openssl1.0 - security update
DSA-4158-1openssl1.0 - security update
DSA-4065-1openssl1.0 - security update
DSA-4017-1openssl1.0 - security update

Search for package or bug name: Reporting problems