logo
DATABASE RESOURCES PRICING ABOUT US

Important: openssl

Description

**Issue Overview:** A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-1971) **Affected Packages:** openssl **Issue Correction:** Run _yum update openssl_ to update your system. **New Packages:** i686:     openssl-debuginfo-1.0.2k-16.152.amzn1.i686     openssl-static-1.0.2k-16.152.amzn1.i686     openssl-1.0.2k-16.152.amzn1.i686     openssl-perl-1.0.2k-16.152.amzn1.i686     openssl-devel-1.0.2k-16.152.amzn1.i686 src:     openssl-1.0.2k-16.152.amzn1.src x86_64:     openssl-1.0.2k-16.152.amzn1.x86_64     openssl-perl-1.0.2k-16.152.amzn1.x86_64     openssl-devel-1.0.2k-16.152.amzn1.x86_64     openssl-debuginfo-1.0.2k-16.152.amzn1.x86_64     openssl-static-1.0.2k-16.152.amzn1.x86_64 ### Additional References Red Hat: [CVE-2020-1971](<https://access.redhat.com/security/cve/CVE-2020-1971>) Mitre: [CVE-2020-1971](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 openssl-debuginfo 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-static 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-perl 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-devel 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-perl 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-devel 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-debuginfo 1.0.2k-16.152.amzn1
Amazon Linux 1 openssl-static 1.0.2k-16.152.amzn1

Related