Debian DLA-2565-1 : openssl1.0 security update

It was discovered that there were two issues in the 1.0 branch of the OpenSSL cryptographic system : - CVE-2021-23840: Prevent an issue where 'Digital EnVeloPe' EVP-related calls could cause applications to behave incorrectly or even crash. - CVE-2021-23841: Prevent an issue in the X509 certifica...

EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2020-1629)

According to the versions of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in...

CVE-2019-1551

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

Buffer overflow

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...