Information on source package openssl

Available versions

ReleaseVersion
jessie1.0.1t-1+deb8u22
stretch1.1.0l-1~deb9u10
stretch (security)1.1.0l-1~deb9u6
buster1.1.1n-0+deb10u7
buster (security)1.1.1n-0+deb10u6
bullseye1.1.1w-0+deb11u1
bullseye (security)1.1.1w-0+deb11u2
bookworm3.0.15-1~deb12u1
bookworm (security)3.0.14-1~deb12u2
trixie3.3.2-2
sid3.3.2-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-9143vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedIssue summary: Use of the low-level GF(2^m) elliptic curve APIs with u ...
CVE-2024-5535vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedIssue summary: Calling the OpenSSL API function SSL_select_next_proto ...
CVE-2022-4304vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedA timing based side channel exists in the OpenSSL RSA Decryption imple ...
CVE-2021-4160vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedThere is a carry propagation bug in the MIPS32 and MIPS64 squaring pro ...
CVE-2020-1968vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe Raccoon attack exploits a flaw in the TLS specification which can ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2007-6755vulnerablefixedfixedfixedfixedfixedfixedThe NIST SP 800-90A default statement of the Dual Elliptic Curve Deter ...

Resolved issues

BugDescription
CVE-2024-6119Issue summary: Applications performing certificate name checks (e.g., ...
CVE-2024-4741Issue summary: Calling the OpenSSL API function SSL_free_buffers may c ...
CVE-2024-4603Issue summary: Checking excessively long DSA keys or parameters may be ...
CVE-2024-2511Issue summary: Some non-default TLS server configurations can cause un ...
CVE-2024-0727Issue summary: Processing a maliciously formatted PKCS12 file may lead ...
CVE-2023-6237Issue summary: Checking excessively long invalid RSA public keys may t ...
CVE-2023-6129Issue summary: The POLY1305 MAC (message authentication code) implemen ...
CVE-2023-5678Issue summary: Generating excessively long X9.42 DH keys or checking e ...
CVE-2023-5363Issue summary: A bug has been identified in the processing of key and ...
CVE-2023-4807Issue summary: The POLY1305 MAC (message authentication code) implemen ...
CVE-2023-3817Issue summary: Checking excessively long DH keys or parameters may be ...
CVE-2023-3446Issue summary: Checking excessively long DH keys or parameters may be ...
CVE-2023-2975Issue summary: The AES-SIV cipher implementation contains a bug that c ...
CVE-2023-2650Issue summary: Processing some specially crafted ASN.1 object identifi ...
CVE-2023-1255Issue summary: The AES-XTS cipher decryption implementation for 64 bit ...
CVE-2023-0466The function X509_VERIFY_PARAM_add0_policy() is documented to implicit ...
CVE-2023-0465Applications that use a non-default option when verifying certificates ...
CVE-2023-0464A security vulnerability has been identified in all supported versions ...
CVE-2023-0401A NULL pointer can be dereferenced when signatures are being verified ...
CVE-2023-0286There is a type confusion vulnerability relating to X.400 address proc ...
CVE-2023-0217An invalid pointer dereference on read can be triggered when an applic ...
CVE-2023-0216An invalid pointer dereference on read can be triggered when an applic ...
CVE-2023-0215The public API function BIO_new_NDEF is a helper function used for str ...
CVE-2022-4450The function PEM_read_bio_ex() reads a PEM file from a BIO and parses ...
CVE-2022-4203A read buffer overrun can be triggered in X.509 certificate verificati ...
CVE-2022-3996If an X.509 certificate contains a malformed policy constraint and pol ...
CVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, s ...
CVE-2022-3602A buffer overrun can be triggered in X.509 certificate verification, s ...
CVE-2022-3358OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_me ...
CVE-2022-2274The OpenSSL 3.0.4 release introduced a serious bug in the RSA implemen ...
CVE-2022-2097AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ...
CVE-2022-2068In addition to the c_rehash shell command injection identified in CVE- ...
CVE-2022-1473The OPENSSL_LH_flush() function, which empties a hash table, contains ...
CVE-2022-1434The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly ...
CVE-2022-1343The function `OCSP_basic_verify` verifies the signer certificate on an ...
CVE-2022-1292The c_rehash script does not properly sanitise shell metacharacters to ...
CVE-2022-0778The BN_mod_sqrt() function, which computes a modular square root, cont ...
CVE-2021-23841The OpenSSL public API function X509_issuer_and_serial_hash() attempts ...
CVE-2021-23840Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may ...
CVE-2021-23839OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 ...
CVE-2021-4044Internally libssl in OpenSSL calls X509_verify_cert() on the client si ...
CVE-2021-3712ASN.1 strings are represented internally within OpenSSL as an ASN1_STR ...
CVE-2021-3711In order to decrypt SM2 encrypted data an application is expected to c ...
CVE-2021-3450The X509_V_FLAG_X509_STRICT flag enables additional security checks of ...
CVE-2021-3449An OpenSSL TLS server may crash if sent a maliciously crafted renegoti ...
CVE-2020-1971The X.509 GeneralName type is a generic type for representing differen ...
CVE-2020-1967Server or client applications that call the SSL_check_chain() function ...
CVE-2019-1563In situations where an attacker receives automated notification of the ...
CVE-2019-1559If an application encounters a fatal protocol error and then calls SSL ...
CVE-2019-1552OpenSSL has internal defaults for a directory tree where it can find a ...
CVE-2019-1551There is an overflow bug in the x64_64 Montgomery squaring procedure u ...
CVE-2019-1549OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). Th ...
CVE-2019-1547Normally in OpenSSL EC groups always have a co-factor present and this ...
CVE-2019-1543ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...
CVE-2018-5407Simultaneous Multi-threading (SMT) in processors can enable local user ...
CVE-2018-0739Constructed ASN.1 types with a recursive definition (such as can be fo ...
CVE-2018-0737The OpenSSL RSA Key generation algorithm has been shown to be vulnerab ...
CVE-2018-0735The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...
CVE-2018-0734The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...
CVE-2018-0733Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...
CVE-2018-0732During key agreement in a TLS handshake using a DH(E) based ciphersuit ...
CVE-2017-3738There is an overflow bug in the AVX2 Montgomery multiplication procedu ...
CVE-2017-3737OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error stat ...
CVE-2017-3736There is a carry propagating bug in the x86_64 Montgomery squaring pro ...
CVE-2017-3735While parsing an IPAddressFamily extension in an X.509 certificate, it ...
CVE-2017-3733During a renegotiation handshake if the Encrypt-Then-Mac extension is ...
CVE-2017-3732There is a carry propagating bug in the x86_64 Montgomery squaring pro ...
CVE-2017-3731If an SSL/TLS server or client is running on a 32-bit host, and a spec ...
CVE-2017-3730In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad par ...
CVE-2016-8610A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 thro ...
CVE-2016-7056A timing attack flaw was found in OpenSSL 1.0.1u and before that could ...
CVE-2016-7055There is a carry propagating bug in the Broadwell-specific Montgomery ...
CVE-2016-7054In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1 ...
CVE-2016-7053In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS struc ...
CVE-2016-7052crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to ca ...
CVE-2016-6309statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movem ...
CVE-2016-6308statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 befor ...
CVE-2016-6307The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a alloca ...
CVE-2016-6306The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2 ...
CVE-2016-6305The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 ...
CVE-2016-6304Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 befo ...
CVE-2016-6303Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ...
CVE-2016-6302The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1. ...
CVE-2016-2842The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 befo ...
CVE-2016-2182The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ...
CVE-2016-2181The Anti-Replay feature in the DTLS implementation in OpenSSL before 1 ...
CVE-2016-2180The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Publi ...
CVE-2016-2179The DTLS implementation in OpenSSL before 1.1.0 does not properly rest ...
CVE-2016-2178The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL throug ...
CVE-2016-2177OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-bu ...
CVE-2016-2176The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL be ...
CVE-2016-2109The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 ...
CVE-2016-2108The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0 ...
CVE-2016-2107The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1. ...
CVE-2016-2106Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_e ...
CVE-2016-2105Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode ...
CVE-2016-0800The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ...
CVE-2016-0799The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1. ...
CVE-2016-0798Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0 ...
CVE-2016-0797Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 be ...
CVE-2016-0705Double free vulnerability in the dsa_priv_decode function in crypto/ds ...
CVE-2016-0704An oracle protection mechanism in the get_client_master_key function i ...
CVE-2016-0703The get_client_master_key function in s2_srvr.c in the SSLv2 implement ...
CVE-2016-0702The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in O ...
CVE-2016-0701The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 ...
CVE-2015-7575Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ...
CVE-2015-5738The RSA-CRT implementation in the Cavium Software Development Kit (SDK ...
CVE-2015-4000The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ena ...
CVE-2015-3216Race condition in a certain Red Hat patch to the PRNG lock implementat ...
CVE-2015-3197ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f d ...
CVE-2015-3196ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...
CVE-2015-3195The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in Open ...
CVE-2015-3194crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ...
CVE-2015-3193The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.p ...
CVE-2015-1794The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 b ...
CVE-2015-1793The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0 ...
CVE-2015-1792The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before ...
CVE-2015-1791Race condition in the ssl3_get_new_session_ticket function in ssl/s3_c ...
CVE-2015-1790The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL bef ...
CVE-2015-1789The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before ...
CVE-2015-1788The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before ...
CVE-2015-1787The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0. ...
CVE-2015-0293The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0 ...
CVE-2015-0292Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encod ...
CVE-2015-0291The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...
CVE-2015-0290The multi-block feature in the ssl3_write_bytes function in s3_pkt.c i ...
CVE-2015-0289The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0. ...
CVE-2015-0288The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL bef ...
CVE-2015-0287The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL bef ...
CVE-2015-0286The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0 ...
CVE-2015-0285The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1. ...
CVE-2015-0209Use-after-free vulnerability in the d2i_ECPrivateKey function in crypt ...
CVE-2015-0208The ASN.1 signature-verification implementation in the rsa_item_verify ...
CVE-2015-0207The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a d ...
CVE-2015-0206Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ...
CVE-2015-0205The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before ...
CVE-2015-0204The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ...
CVE-2014-8275OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k d ...
CVE-2014-8176The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9. ...
CVE-2014-5139The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 befo ...
CVE-2014-3572The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ...
CVE-2014-3571OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k a ...
CVE-2014-3570The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0. ...
CVE-2014-3569The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, ...
CVE-2014-3568OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j d ...
CVE-2014-3567Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL ...
CVE-2014-3566The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...
CVE-2014-3513Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 b ...
CVE-2014-3512Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implement ...
CVE-2014-3511The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 bef ...
CVE-2014-3510The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9 ...
CVE-2014-3509Race condition in the ssl_parse_serverhello_tlsext function in t1_lib. ...
CVE-2014-3508The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ...
CVE-2014-3507Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 b ...
CVE-2014-3506d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ...
CVE-2014-3505Double free vulnerability in d1_both.c in the DTLS implementation in O ...
CVE-2014-3470The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL bef ...
CVE-2014-2234A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier use ...
CVE-2014-0224OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h d ...
CVE-2014-0221The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...
CVE-2014-0198The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, ...
CVE-2014-0195The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ...
CVE-2014-0160The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1 ...
CVE-2014-0076The Montgomery ladder implementation in OpenSSL through 1.0.0l does no ...
CVE-2013-6450The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l ...
CVE-2013-6449The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0. ...
CVE-2013-4353The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1. ...
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ...
CVE-2013-0166OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do ...
CVE-2012-4929The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google C ...
CVE-2012-2686crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TL ...
CVE-2012-2333Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1 ...
CVE-2012-2131Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSS ...
CVE-2012-2110The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL be ...
CVE-2012-1165The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL befor ...
CVE-2012-0884The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 i ...
CVE-2012-0050OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, ...
CVE-2012-0027The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle inva ...
CVE-2011-5095The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...
CVE-2011-4619The Server Gated Cryptography (SGC) implementation in OpenSSL before 0 ...
CVE-2011-4577OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ...
CVE-2011-4576The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0 ...
CVE-2011-4354crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as u ...
CVE-2011-4109Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_ ...
CVE-2011-4108The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ...
CVE-2011-3210The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ...
CVE-2011-3207crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initial ...
CVE-2011-1945The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ...
CVE-2011-0014ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...
CVE-2010-5298Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL ...
CVE-2010-4252OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly valid ...
CVE-2010-4180OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_R ...
CVE-2010-3864Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9 ...
CVE-2010-2939Double free vulnerability in the ssl3_get_key_exchange function in the ...
CVE-2010-1633RSA verification recovery in the EVP_PKEY_verify_recover function in O ...
CVE-2010-1378OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perfo ...
CVE-2010-0742The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cm ...
CVE-2010-0740The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...
CVE-2010-0433The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before ...
CVE-2009-4355Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib ...
CVE-2009-3555The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as us ...
CVE-2009-3245OpenSSL before 0.9.8m does not check for a NULL return value from bn_w ...
CVE-2009-2409The Network Security Services (NSS) library before 3.12.3, as used in ...
CVE-2009-1387The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in Open ...
CVE-2009-1386ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ...
CVE-2009-1379Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment f ...
CVE-2009-1378Multiple memory leaks in the dtls1_process_out_of_seq_message function ...
CVE-2009-1377The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ...
CVE-2009-0789OpenSSL before 0.9.8k on WIN64 and certain other platforms does not pr ...
CVE-2009-0653OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...
CVE-2009-0591The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ...
CVE-2009-0590The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remo ...
CVE-2008-7270OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...
CVE-2008-5077OpenSSL 0.9.8i and earlier does not properly check the return value fr ...
CVE-2008-1672OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of ...
CVE-2008-0891Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS s ...
CVE-2008-0166OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operat ...
CVE-2007-5135Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9 ...
CVE-2007-4995Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0. ...
CVE-2007-3108The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9. ...
CVE-2006-7250The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ...
CVE-2006-4343The get_server_hello function in the SSLv2 client code in OpenSSL 0.9. ...
CVE-2006-4339OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, wh ...
CVE-2006-3738Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9. ...
CVE-2006-2940OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ...
CVE-2006-2937OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote atta ...
CVE-2005-2969The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0 ...
CVE-2005-2946The default configuration on OpenSSL before 0.9.8 uses MD5 for creatin ...
CVE-2004-0975The der_chop script in the openssl package in Trustix Secure Linux 1.5 ...
CVE-2004-0112The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, wh ...
CVE-2004-0081OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message t ...
CVE-2004-0079The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0. ...
CVE-2003-0545Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to ...
CVE-2003-0544OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characte ...
CVE-2003-0543Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to ...
CVE-2003-0147OpenSSL does not use RSA blinding by default, which allows local and r ...
CVE-2003-0131The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and ...
CVE-2003-0078ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before ...
CVE-2002-1568OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks ...
CVE-2002-0659The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ...
CVE-2002-0657Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos ena ...
CVE-2002-0656Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ...
CVE-2002-0655OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not prop ...
CVE-2000-1254crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shif ...

Security announcements

DSA / DLADescription
ELA-1258-1openssl - security update
ELA-1257-1openssl - security update
ELA-1256-1openssl - security update
DLA-3942-2openssl - regression update
DLA-3942-1openssl - security update
DSA-5764-1openssl - security update
DSA-5532-1openssl - security update
ELA-953-1openssl - security update
DLA-3530-1openssl - security update
DLA-3449-1openssl - security update
DSA-5417-1openssl - security update
ELA-807-1openssl - security update
DLA-3325-1openssl - security update
DSA-5343-1openssl - security update
ELA-688-1openssl - security update
DSA-5169-1openssl - security update
DSA-5139-1openssl - security update
ELA-613-1openssl - security update
DLA-3008-1openssl - security update
DLA-2952-1openssl - security update
ELA-580-1openssl - security update
DSA-5103-1openssl - security update
ELA-498-1openssl - security update
DLA-2766-1openssl - security update
ELA-484-1openssl - security update
DSA-4963-1openssl - security update
DSA-4875-1openssl - security update
DLA-2563-1openssl - security update
ELA-366-1openssl - security update
DSA-4855-1openssl - security update
DLA-2492-1openssl - security update
ELA-331-1openssl - security update
DSA-4807-1openssl - security update
DSA-4661-1openssl - security update
DSA-4539-3openssl - regression update
DSA-4539-1openssl - security update
ELA-171-1openssl - security update
DLA-1932-1openssl - security update
DSA-4475-1openssl - security update
ELA-88-1openssl - security update
DLA-1701-1openssl - security update
DSA-4348-1openssl - security update
DLA-1586-1openssl - security update
ELA-59-1openssl - security update
DLA-1449-1openssl - security update
ELA-21-1openssl - security update
ELA-4-1openssl - security update
DLA-1330-1openssl - security update
DSA-4157-1openssl - security update
DSA-4018-1openssl - security update
DLA-1157-1openssl - security update
DLA-814-1openssl - security update
DSA-3773-1openssl - security update
DLA-637-1openssl - security update
DSA-3673-2openssl - regression update
DSA-3673-1openssl - security update
DSA-3566-1openssl - security update
DLA-456-1openssl - security update
DSA-3500-1openssl - security update
DLA-421-1openssl - security update
DSA-3436-1openssl - security update
DSA-3413-1openssl - security update
DLA-358-1openssl - security update
DLA-247-1openssl - security update
DSA-3287-1openssl - security update
DSA-3197-2openssl - regression update
DLA-177-1openssl - security update
DSA-3197-1openssl - security update
DSA-3125-1openssl - security update
DLA-132-1openssl - security update
DLA-81-1openssl - security update
DSA-3053-1openssl - security update
DSA-2998-1openssl - security update
DLA-33-1openssl - security update
DLA-0008-1openssl - security update
DSA-2950-1openssl - security update
DLA-0003-1openssl - security update
DSA-2931-1openssl - security update
DSA-2908-1openssl - security update
DSA-2896-1openssl - security update
DSA-2837-1openssl - programming error
DSA-2833-1openssl - several
DSA-2621-1openssl - several vulnerabilities
DSA-2475-1openssl - integer underflow
DSA-2454-2openssl - incomplete fix
DSA-2454-1openssl - multiple
DSA-2392-1openssl - out-of-bounds read
DSA-2390-1openssl - several
DSA-2343-1openssl - CA trust revocation
DSA-2309-1openssl - compromised certificate authority
DSA-2162-1openssl - invalid memory access
DSA-2141-1openssl - protocol design flaw
DSA-2125-1openssl - buffer overflow
DSA-2100-1openssl - double free
DSA-1970-1openssl - denial of service
DSA-1888-1openssl - cryptographic weakness
DSA-1763-1openssl openssl097 - denial of service
DSA-1701-1openssl openssl097 - cryptographic weakness
DSA-1571-1openssl - predictable random number generator
DSA-1379-1openssl - arbitrary code execution
DSA-1185-2openssl
DSA-1173-1openssl - cryptographic weakness
DSA-888-1openssl - cryptographic weakness
DSA-603-1openssl - insecure temporary file
DSA-465openssl - several vulnerabilities
DSA-393openssl - denial of service
DSA-288openssl - several vulnerabilities
DSA-253openssl - information leak
DSA-136openssl - multiple remote exploits

Search for package or bug name: Reporting problems