GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Nov 28, 2018 11:26 pm Post subject: [ GLSA 201811-21 ] OpenSSL |
 |
|
Gentoo Linux Security Advisory
Title: OpenSSL: Multiple vulnerabilities (GLSA 201811-21)
Severity: normal
Exploitable: remote
Date: 2018-11-28
Bug(s): #651730, #653434
ID: 201811-21
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of
which may lead to a Denial of Service condition.
Background
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.
Affected Packages
Package: dev-libs/openssl
Vulnerable: < 1.0.2o
Unaffected: >= 1.0.2o
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review
the referenced CVE identifiers for details.
Impact
A remote attacker could cause a Denial of Service condition, obtain
private keying material, or gain access to sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2o"
|
References
CVE-2018-0733
CVE-2018-0737
CVE-2018-0739 |
|
News & Announcements
