OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [8th April 2024] == Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511) Severity: Low

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [25th January 2024] = PKCS12 Decoding crashes (CVE-2024-0727) === Severity: Low Issue summary: Processing a maliciously formatted PKCS12

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [15th January 2024] = Excessive time spent checking invalid RSA public keys (CVE-2023-6237) = Severity: Low

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [9th January 2024] POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [6th November 2023] = Excessive time spent in DH check / generation with large Q parameter value (CVE-2023-5678

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [24th October 2023] = Incorrect cipher key & IV length processing (CVE-2023-5363) === Severity: Moderate Issue sum

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [8th September 2023] == POLY1305 MAC implementation corrupts XMM registers on Windows (CVE-2023-4807

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [31st July 2023] == Excessive time spent checking DH q parameter value (CVE-2023-3817) == Severity: Low Issue

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [19th July 2023] == Excessive time spent checking DH keys and parameters (CVE-2023-3446) Severity: Low Issue

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [14th July 2023] == AES-SIV implementation ignores empty associated data entries (CVE-2023-2975

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [30th May 2023] = Possible DoS translating ASN.1 object identifiers (CVE-2023-2650) = Severity: Moderate Issue

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [20th April 2023] === Input buffer over-read in AES-XTS implementation on 64 bit ARM (CVE-2023-1255

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [28th March 2023] === Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Excessive Resource Usage Verifying X.509 Policy Constraints (CVE-2023-0464) === Severity: Low A security vulnerability has been identified in all supported versions of OpenSSL

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [7th February 2023] = X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) = Severity: High

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [01 November 2022] X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) == Severity: High A buffer overrun can

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [11 October 2022] === Using a Custom Cipher with NID_undef may lead to NULL encryption (CVE-2022-3358

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [5 July 2022] === Heap memory corruption with RSA private key operation (CVE-2022-2274) = Severity: High The OpenSSL

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [21 June 2022] The c_rehash script allows command injection (CVE-2022-2068) Severity: Moderate In addition

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [03 May 2022] === The c_rehash script allows command injection (CVE-2022-1292) Severity: Moderate The c_rehash script

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [15 March 2022] Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [28 January 2022] === BN_mod_exp may produce incorrect results on MIPS (CVE-2021-4160) Severity: Moderate

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [14 December 2021] Invalid handling of X509_verify_cert() internal errors in libssl (CVE-2021-4044

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [24 August 2021] == SM2 Decryption Buffer Overflow (CVE-2021-3711) == Severity: High In order to decrypt SM2 encrypted data

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [25 March 2021] = CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450) Severity: High

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [16 February 2021] Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841) Severity: Moderate

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [08 December 2020] EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) == Severity: High The X.509 GeneralName type

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [09 September 2020] = Raccoon Attack (CVE-2020-1968) == Severity: Low The Raccoon attack exploits a flaw in the TLS specification which can lead

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [21 April 2020] = Segmentation fault in SSL_check_chain (CVE-2020-1967) = Severity: High Server or client applications that call

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [6 December 2019] === rsaz_512_sqr overflow bug on x86_64 (CVE-2019-1551) === Severity: Low There is an overflow bug in the x64_64

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [10 September 2019] = ECDSA remote timing attack (CVE-2019-1547) == Severity: Low Normally in OpenSSL EC groups always have a co-factor

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [26 February 2019] 0-byte record padding oracle (CVE-2019-1559) Severity: Moderate If an application encounters a fatal protocol

[openssl-announce] OpenSSL Security Advisory

OpenSSL Security Advisory [12 November 2018] Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407) === Severity: Low OpenSSL ECC scalar

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 OpenSSL Security Advisory [12 June 2018] Client DoS due to large DH parameter (CVE-2018-0732) Severity: Low During key agreement in a TLS handshake

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [16 Apr 2018] Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) Severity: Low The OpenSSL RSA Key

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [07 Dec 2017] Read/write after SSL object in error state (CVE-2017-3737) == Severity: Moderate OpenSSL 1.0.2 (starting

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [16 Feb 2017] Encrypt-Then-Mac renegotiation crash (CVE-2017-3733) Severity: High During a renegotiation handshake

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [22 Sep 2016] OCSP Status Request extension unbounded memory growth (CVE-2016-6304) = Severity: High A malicious

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [3rd May 2016] Memory corruption in the ASN.1 encoder (CVE-2016-2108) == Severity: High This issue affected versions of OpenSSL

[openssl-announce] OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [1st March 2016] = NOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers. We strongly advise against the use of SSLv2

OpenSSL security advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [12 Mar 2012] === CMS and S/MIME Bleichenbacher attack (CVE-2012-0884) A weakness in the OpenSSL CMS and PKCS #7 code can be exploited

OpenSSL Security Advisory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [6 September 2011] Two security flaws have been fixed in OpenSSL 1.0.0e CRL verification vulnerability in OpenSSL = Under certain circumstances OpenSSL's internal certificate

OpenSSL Security Advisory: OCSP stapling vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [8 February 2011] OCSP stapling vulnerability in OpenSSL == Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This issue

OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption

OpenSSL Security Advisory [19 February 2003] Timing-based attacks on SSL/TLS with CBC encryption === CONTENTS - Vulnerability - Source code patch [*] - Acknowledgement - References [*] OpenSSL 0.9.6i and OpenSSL 0.9.7a do not require