MGASA-2021-0108 Updated openssl and compat-openssl10 packages fix security vulnerabilities
Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service CVE-2021-23840. Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer...