Lucene search
CentOS ProjectCESA-2023:1335HistoryMar 22, 2023 - 2:01 p.m.
openssl security update
2023-03-2214:01:44
CentOS Project
lists.centos.org
121
0.003 Low
EPSS
Percentile
65.3%
CentOS Errata and Security Advisory CESA-2023:1335
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2023-March/086392.html
Affected packages:
openssl
openssl-devel
openssl-libs
openssl-perl
openssl-static
Upstream details at:
https://access.redhat.com/errata/RHSA-2023:1335
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 7 | x86_64 | openssl | < 1.0.2k-26.el7_9 | openssl-1.0.2k-26.el7_9.x86_64.rpm |
| CentOS | 7 | i686 | openssl-devel | < 1.0.2k-26.el7_9 | openssl-devel-1.0.2k-26.el7_9.i686.rpm |
| CentOS | 7 | x86_64 | openssl-devel | < 1.0.2k-26.el7_9 | openssl-devel-1.0.2k-26.el7_9.x86_64.rpm |
| CentOS | 7 | i686 | openssl-libs | < 1.0.2k-26.el7_9 | openssl-libs-1.0.2k-26.el7_9.i686.rpm |
| CentOS | 7 | x86_64 | openssl-libs | < 1.0.2k-26.el7_9 | openssl-libs-1.0.2k-26.el7_9.x86_64.rpm |
| CentOS | 7 | x86_64 | openssl-perl | < 1.0.2k-26.el7_9 | openssl-perl-1.0.2k-26.el7_9.x86_64.rpm |
| CentOS | 7 | i686 | openssl-static | < 1.0.2k-26.el7_9 | openssl-static-1.0.2k-26.el7_9.i686.rpm |
| CentOS | 7 | x86_64 | openssl-static | < 1.0.2k-26.el7_9 | openssl-static-1.0.2k-26.el7_9.x86_64.rpm |
Related
oraclelinux
oraclelinux
openssl security update
2023-03-20 00:00:00
openssl security update
2023-03-22 00:00:00
openssl security update
2023-03-22 00:00:00
nessus
nessus
FreeBSD : py-cryptography -- includes a vulnerable copy of OpenSSL (c1a8ed1c-2814-4260-82aa-9e37c83aac93)
2023-04-14 00:00:00
F5 Networks BIG-IP : OpenSSL vulnerability (K000132941)
2023-06-23 00:00:00
RHEL 8 : openssl (RHSA-2023:1440)
2023-03-23 00:00:00
debiancve
debiancve
CVE-2023-0286
2023-02-08 20:15:24
openvas
openvas
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2077)
2023-06-07 00:00:00
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1962)
2023-05-18 00:00:00
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2129)
2023-06-07 00:00:00
redhat
redhat
(RHSA-2023:4124) Important: edk2 security update
2023-07-18 07:16:46
(RHSA-2023:1335) Important: openssl security update
2023-03-20 09:19:58
(RHSA-2023:1441) Important: openssl security update
2023-03-23 10:53:48
ibm
ibm
veracode
veracode
Type Confusion
2023-02-09 20:56:17
cvelist
cvelist
CVE-2023-0286 X.400 address type confusion in X.509 GeneralName
2023-02-08 19:01:50
openssl
openssl
Vulnerability in OpenSSL CVE-2023-0286
2023-02-07 00:00:00
cgr
cgr
CVE-2023-0286 vulnerabilities
2024-05-19 03:07:16
freebsd
freebsd
py-cryptography -- includes a vulnerable copy of OpenSSL
2023-02-08 00:00:00
FreeBSD -- Multiple vulnerabilities in OpenSSL
2023-02-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-0286 affecting package openssl 1.1.1k-16
2023-02-14 02:35:59
CVE-2023-0286 affecting package rust for versions less than 1.72.0-2
2023-10-11 01:41:59
CVE-2023-0286 affecting package openssl for versions less than 1.1.1k-21
2023-02-14 20:36:09
f5
f5
K000132941 : OpenSSL vulnerability CVE-2023-0286
2023-03-13 00:00:00
rustsec
rustsec
X.400 address type confusion in X.509 `GeneralName`
2023-02-07 12:00:00
githubexploit
githubexploit
Exploit for Type Confusion in Openssl
2023-03-21 04:57:37
osv
osv
Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
2023-02-14 00:30:22
Vulnerable OpenSSL included in cryptography wheels
2023-02-08 22:17:06
X.400 address type confusion in X.509 `GeneralName`
2023-02-07 12:00:00
alpinelinux
alpinelinux
CVE-2023-0286
2023-02-08 20:15:24
cve
cve
CVE-2023-0286
2023-02-08 20:15:24
github
github
Vulnerable OpenSSL included in sgx-dcap-quote-verify-python
2023-02-14 00:30:22
Vulnerable OpenSSL included in cryptography wheels
2023-02-08 22:17:06
hivepro
hivepro
OpenSSL Releases Update to Address Several High-Severity Vulnerabilities
2023-02-10 12:55:54
prion
prion
Type confusion
2023-02-08 20:15:00
ics
ics
Siemens Address Processing in SIMATIC
2023-08-10 12:00:00
Mitsubishi Electric Factory Automation Products
2024-01-04 12:00:00
Hitachi Energy Lumada APM Edge
2023-09-12 12:00:00
wolfi
wolfi
CVE-2023-0286 vulnerabilities
2024-05-19 16:00:46
ubuntucve
ubuntucve
CVE-2023-0286
2023-02-07 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2152
2023-04-11 14:23:07
redhatcve
redhatcve
CVE-2023-0286
2023-02-07 17:30:51
cloudlinux
cloudlinux
openssl: Fix of 2 CVEs
2023-02-10 10:39:56
ubuntu
ubuntu
OpenSSL vulnerabilities
2023-02-07 00:00:00
OpenSSL vulnerabilities
2023-02-07 00:00:00
cloudfoundry
cloudfoundry
USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
trellix
trellix
CVE-2023-0286: The OpenSSL Who Cried “Severity: High
2023-02-09 00:00:00
CVE-2023-0286: The OpenSSL Who Cried “Severity: High
2023-02-09 00:00:00
amazon
amazon
Important: openssl
2023-02-03 19:19:00
Important: openssl
2023-02-03 23:39:00
Important: openssl11
2023-02-03 19:19:00
redos
redos
ROS-20230620-06
2023-06-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1t-alt1
2023-02-10 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1
2023-02-20 00:00:00
almalinux
almalinux
Important: edk2 security update
2023-05-16 00:00:00
slackware
slackware
[slackware-security] openssl
2023-02-07 20:57:57