USN-750-1 -- openssl vulnerability
|ID: oval:org.secpod.oval:def:700310||Date: (C)2011-05-13 (M)2017-11-27|
|Class: PATCH||Family: unix|
It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.