Debian Bug report logs -
#1055473
openssl: CVE-2023-5678
Package:
src:openssl;
Maintainer for src:openssl is Debian OpenSSL Team <pkg-openssl-devel@alioth-listsdebiannet>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 6 Nov 2023 21:39:02 UTC
Severity: important
Tags: security, upstream
Found in ...
Issue summary: Checking excessively long DH keys or parameters may be very slow
Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may l ...
Synopsis
Low: openssl security update
Type/Severity
Security Advisory: Low
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openssl is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Security has rated this updat ...
Synopsis
Moderate: Red Hat JBoss Web Server 577 release and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Web Server 577 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows ServerRed Hat Product Security has rated this update as h ...
Synopsis
Important: ACS 41 enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 416 The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System ( ...
概述
Important: Red Hat JBoss Core Services Apache HTTP Server 2457 SP2 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has ...
概述
Important: Red Hat JBoss Core Services Apache HTTP Server 2457 SP2 security update
类型/严重性
Security Advisory: Important
标题
Red Hat JBoss Core Services Apache HTTP Server 2457 Service Pack 2 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Synopsis
Low: openssl security update
Type/Severity
Security Advisory: Low
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openssl is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security imp ...
Synopsis
Important: OpenShift Container Platform 41157 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41157 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: Red Hat build of Cryostat security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for the Red Hat build of Cryostat 2 on RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Low: openssl security update
Type / Sévérité
Security Advisory: Low
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte
Voir les systèmes concernés
Sujet
An update for openssl is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
Synopsis
Moderate: Red Hat Single Sign-On 766 for OpenShift image enhancement and security update
Type/Severity
Security Advisory: Moderate
Topic
A new image is available for Red Hat Single Sign-On 766, running on OpenShift Container Platform 310 and 311, and 43Red Hat Product Security has rated this update as having a security impact ...
Synopsis
Important: RHACS 374 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 374 The updated images includes bug and security fixesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis
Moderate: Migration Toolkit for Runtimes security, bug fix and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Migration Toolkit for Runtimes 124 releaseRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a de ...
Synopsis
Important: RHACS 42 security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 424The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CV ...
Synopsis
Low: Logging Subsystem 5710 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Low
Topic
Low: Logging Subsystem 5710 - Red Hat OpenShift security updateRed Hat Product Security has rated this update as having a security impact of low A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis
Critical: Red Hat Advanced Cluster Management 292 security and bug fix container updates
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 292 GeneralAvailability release images, which provide security updates and fix bugsRed Hat Product Security has rated this update as having a ...
Synopsis
Moderate: Red Hat JBoss Web Server 577 release and security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update is now available for Red Hat JBoss Web Server 577 on Red Hat Enterprise Linux versio ...
Description<!---->A vulnerability was found in OpenSSL This security issue occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays Where the key or parameters that are being checked have been obtained from an untrusted source may lead ...
Issue summary: Checking excessively long DH keys or parameters may be very slow
Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may l ...
Issue summary: Checking excessively long DH keys or parameters may be very slow
Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may l ...
Issue summary: Checking excessively long DH keys or parameters may be very slow
Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may l ...
Issue summary: Checking excessively long DH keys or parameters may be very slow
Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may l ...
A null pointer dereference flaw was found in openssl A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service The highest threat from this vulnerability is to system availability (CVE-2020-1971)
Calls to EVP_CipherUpdate, EVP_En ...