DSA-4539-1 openssl -- opensslID: oval:org.secpod.oval:def:604551 | Date: (C)2019-10-03 (M)2023-12-20 |
Class: PATCH | Family: unix |
Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the event of a fork syscall was not used by default.
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
libcrypto1.1-udeb |
libssl1.1 |
libssl-dev |
openssl |
libssl-doc |