ELA-4-1 openssl security update

possible DoS by a malicious server

2018-06-23
Packageopenssl
Version1.0.1t-1+deb7u5
Related CVEs CVE-2018-0732


Possible DoS by a malicious server that sends a very large prime value to the client during TLS handshake.



For Debian 7 Wheezy, these problems have been fixed in version 1.0.1t-1+deb7u5.

We recommend that you upgrade your openssl packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.