Information on source package openssl1.0

Available versions

ReleaseVersion
stretch1.0.2l-2+deb9u1
stretch (security)1.0.2l-2+deb9u2
buster1.0.2n-1
sid1.0.2n-1

Resolved issues

BugDescription
CVE-2017-3738There is an overflow bug in the AVX2 Montgomery multiplication ...
CVE-2017-3737OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error ...
CVE-2017-3736There is a carry propagating bug in the x86_64 Montgomery squaring ...
CVE-2017-3735While parsing an IPAddressFamily extension in an X.509 certificate, it ...
CVE-2017-3733During a renegotiation handshake if the Encrypt-Then-Mac extension is ...
CVE-2017-3732There is a carry propagating bug in the x86_64 Montgomery squaring ...
CVE-2017-3731If an SSL/TLS server or client is running on a 32-bit host, and a ...
CVE-2017-3730In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad ...
CVE-2016-7056ECDSA P-256 timing attack key recovery
CVE-2016-7055There is a carry propagating bug in the Broadwell-specific Montgomery ...
CVE-2016-7054In OpenSSL 1.1.0 before 1.1.0c, TLS connections using ...
CVE-2016-7053In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS ...

Security announcements

DSA / DLADescription
DSA-4065-1openssl1.0 - security update
DSA-4017-1openssl1.0 - security update

Search for package or bug name: Reporting problems