Advisory: CLSA-2022:1654011190
OS: Ubuntu 16.04 ELS
Public date: 2022-05-31 00:00:00
Project: openssl
Version: 1.0.2g-1ubuntu4.21+tuxcare.els3
Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2022-1654011190.html
* SECURITY UPDATE: Improper Neutralization - debian/patches/CVE-2022-1292.patch: restrict using shell to invoke openssl due to possible privilege escalation - debian/patches/CVE-2022-1473.patch: fix bug OPENSSL_LH_flush() memory releasing leading to DoS - CVE-2022-1292 - CVE-2022-1473
Update command: apt-get update apt-get --only-upgrade install openssl*
libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els3_all.deb libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb openssl_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb