Release Info

Advisory: CLSA-2023:1676026057

OS: Ubuntu 16.04 ELS

Public date: 2023-02-10 00:00:00

Project: openssl

Version: 1.0.2g-1ubuntu4.21+tuxcare.els5

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2023-1676026057.html

Changelog

* SECURITY UPDATE: Use-after-free following BIO_new_NDEF - debian/patches/CVE-2023-0215.patch: fix a UAF resulting from a bug in BIO_new_NDEF in crypto/asn1/bio_ndef.c - CVE-2023-0215 * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for x400Address in crypto/x509/v3_genn.c - CVE-2023-0286

Update

Update command: apt-get update apt-get --only-upgrade install openssl*

Packages list

libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els5_all.deb libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb openssl_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb

CVEs

CVE-2023-0286
CVE-2023-0215