Please upgrade to openssl 1.1.1g or later for 20.04
Bug #1911211 reported by
Jim Campbell
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssl (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
There is a CVE for openssl ( https:/
Please upgrade as you are able. I would be willing to test this package. Thank you!
CVE References
Changed in openssl (Ubuntu): | |
status: | Incomplete → New |
Changed in openssl (Ubuntu): | |
status: | New → Invalid |
information type: | Private Security → Public Security |
To post a comment you must log in.
We fixed that issue in the 1.1.1f-1ubuntu2 package:
openssl (1.1.1f-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: Segmentation fault in SSL_check_chain patches/ CVE-2020- 1967-1. patch: add test for CVE-2020-1967 in recipes/ 70-test_ sslsigalgs. t. patches/ CVE-2020- 1967-2. patch: fix NULL dereference in check_chain( ) for TLS 1.3 in ssl/t1_lib.c. patches/ CVE-2020- 1967-3. patch: fix test in recipes/ 70-test_ sslsigalgs. t. patches/ CVE-2020- 1967-4. patch: fix test in recipes/ 70-test_ sslsigalgs. t.
- debian/
test/
- debian/
SSL_
- debian/
test/
- debian/
test/
- CVE-2020-1967
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 07:53:50 -0400