-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3325-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 20, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : openssl Version : 1.1.1n-0+deb10u4 CVE ID : CVE-2022-2097 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in incomplete encryption, side channel attacks, denial of service or information disclosure. Additional details can be found in the upstream advisories at https://www.openssl.org/news/secadv/20220705.txt and https://www.openssl.org/news/secadv/20230207.txt For Debian 10 buster, these problems have been fixed in version 1.1.1n-0+deb10u4. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmPzVVYACgkQnUbEiOQ2 gwIi8RAAx9LYFxfphh6oFWmH8+GBNIYaC4y34uvPDe+aKpNoX8M70VjDygTr9xWk rZzj0fhvf4Ds9Aa1JbvfCo3GeDFUjEBFt99IMai1KLE8f4bwzIkPWtrXwzhwRN8S QluPxcSE+5M9WxhFVKUeuvrh4kggSXBg1EQgLd0A1dFBVnyJXwo5RzaAm0qVE8uo M5NUgQsJE3p1GwaGPfEaaGr+53FId1+WQac6t4ysakh5VW/0TCKCU0Eb6qhMLlHC HoXZTQzPiHSxT0lqynrqf2s5gLIsabTaO1xfhTTpeZ2qfanJSYHDFOs4gxKo3CRL wTM8r3QmDTiFZbHxFyz5BkIWmqmorNdRJuH6lu4VoMFu6paEwACJiRDIyX352KC2 Qj16Y65cdN2mabDRP3pmKyZsTmoSiWsmMRY89Xxqdbf5kT+r/ODg0hV/2SmJKGer A0L1I5taY7tnN9DumFlIjG14HI/d/qA8M9SnfiG/Xn9FvAFVltNa5KaEcMyvY0O4 0WiN9Pd5KK0Ppm7SB407G3onS7DZ4phBTW7gKJ6yzoFKxzzDPgargDIT7jq0JyiS ToaOujsVRLG1qT92v5KKwNV+IbtfAEWioKwQ6tCrnUlKvMlSwZ7NdfFbuGzatz6V ZEpEaO/ke3NwH2ZOjlLUnpK7XWdRC7XXyZysWv6KPO+ZHtvVDSQ= =8Gmb -----END PGP SIGNATURE-----