Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service DoS attacks. The library does not validate division results, allowing a malicious user to cause a denial of service via an out-of-bounds write by sending a overly large BIGNUM...

USN-3087-2 openssl regression

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Statu...