LibCare Patches

openssl_1.1.1n-0+deb11u4 ()
Package Update Version: 1.1.1w-0+deb11u3
Release Date: 2025-06-02 15:37:16

CVE CVE-2023-0464, CVSSv2 Score: 7.5
Description:
Excessive Resource Usage Verifying X.509 Policy Constraints
Patch: openssl/CVE-2023-0464.patch

CVE CVE-2023-0464, CVSSv2 Score: 5.9
Description:
Denial of service by excessive resource usage in verifying X509 policy constraints
Patch: openssl/1.1.1f/CVE-2023-0464-1.adapt.patch

CVE CVE-2023-0465, CVSSv2 Score: 5.3
Description:
Invalid certificate policies in leaf certificates are silently ignored
Patch: openssl/CVE-2023-0465.patch

CVE CVE-2023-0465, CVSSv2 Score: 5.3
Description:
Invalid certificate policies in leaf certificates are silently ignored
Patch: openssl/CVE-2023-0465-test1.patch

CVE CVE-2023-0465, CVSSv2 Score: 5.3
Description:
Invalid certificate policies in leaf certificates are silently ignored
Patch: openssl/CVE-2023-0465-test2.patch

CVE CVE-2023-2650, CVSSv2 Score: 6.5
Description:
Possible DoS translating ASN.1 object identifiers
Patch: openssl/CVE-2023-2650.patch

CVE CVE-2023-3446, CVSSv2 Score: 5.3
Description:
Excessive time spent checking DH keys and parameters
Patch: openssl/CVE-2023-3446.patch

CVE CVE-2023-3817, CVSSv2 Score: 5.3
Description:
Excessive time spent checking DH q parameter value
Patch: openssl/CVE-2023-3817.patch

CVE CVE-2023-3446, CVSSv2 Score: 5.3
Description:
Excessive time spent checking DH keys and parameters
Patch: openssl/CVE-2023-3446-adapt.patch

CVE CVE-2023-5678, CVSSv2 Score: 7.5
Description:
Excessive time spent in DH check / generation with large Q parameter value
Patch: openssl/1.1.1w/CVE-2023-5678.patch

CVE CVE-2023-5678, CVSSv2 Score: 7.5
Description:
Excessive time spent in DH check / generation with large Q parameter value
Patch: openssl/1.1.1w/CVE-2023-5678-adapt.patch

CVE CVE-2024-0727, CVSSv2 Score: 5.5
Description:
PKCS12 Decoding crashes
Patch: openssl/1.1.1w/CVE-2024-0727-1.patch

CVE CVE-2024-0727, CVSSv2 Score: 5.5
Description:
PKCS12 Decoding crashes
Patch: openssl/1.1.1w/CVE-2024-0727-2.patch

CVE CVE-2024-2511, CVSSv2 Score: 3.7
Description:
Unbounded memory growth with session handling in TLSv1.3
Patch: openssl/1.1.1w/CVE-2024-2511.patch

CVE CVE-2024-4741, CVSSv2 Score: 7.5
Description:
Use After Free with SSL_free_buffers
Patch: openssl/1.1.1w/CVE-2024-4741.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Fix SSL_select_next_proto
Patch: openssl/1.1.1w/CVE-2024-5535-1.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - More correctly handle a selected_len of 0 when processing NPN
Patch: openssl/1.1.1w/CVE-2024-5535-2.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Add a test for SSL_select_next_proto
Patch: openssl/1.1.1w/CVE-2024-5535-3-adapted-n.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Allow an empty NPN/ALPN protocol list in the tests
Patch: openssl/1.1.1w/CVE-2024-5535-4.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Correct return values for tls_construct_stoc_next_proto_neg
Patch: openssl/1.1.1w/CVE-2024-5535-5.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Add ALPN validation in the client
Patch: openssl/1.1.1w/CVE-2024-5535-6.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Add explicit testing of ALN and NPN in sslapitest
Patch: openssl/1.1.1w/CVE-2024-5535-7-adapted-n.patch

CVE CVE-2024-5535, CVSSv2 Score: 9.1
Description:
SSL_select_next_proto buffer overread - Add a test for an empty NextProto message
Patch: openssl/1.1.1w/CVE-2024-5535-8.patch

CVE CVE-2024-9143, CVSSv2 Score: 4.3
Description:
Low-level invalid GF(2^m) parameters lead to OOB memory access
Patch: openssl/1.1.1w/CVE-2024-9143.patch

CVE CVE-2024-13176, CVSSv2 Score: 4.7
Description:
Timing side-channel in ECDSA signature computation
Patch: openssl/1.1.1f/CVE-2024-13176.patch