Advisory: CLSA-2021:1639681783
OS: Ubuntu 16.04 ELS
Public date: 2021-12-16
Project: openssl
Version: 1.0.2g-1ubuntu4.21
Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2021-1639681783.html
* SECURITY UPDATE: fix assumption that ASN.1 string is NULL terminated when it exactly doesn't. - debian/patches/CVE-2021-3712.patch: backport all found cases where code relayed on assumtion that ASN.1 string is NULL terminated - CVE-2021-3712
libssl-dev_1.0.2g-1ubuntu4.21_amd64.deb libssl-doc_1.0.2g-1ubuntu4.21_all.deb libssl1.0.0_1.0.2g-1ubuntu4.21_amd64.deb openssl_1.0.2g-1ubuntu4.21_amd64.deb