openssl-3

pool/openssl-3

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Otto Hollmann	737365e2ce	Accepting request 1126089 from home:ohollmann:branches:security:tls - Security fix: [bsc#1216922, CVE-2023-5678] * Fix excessive time spent in DH check / generation with large Q parameter value. * Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex () or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. * Add openssl-CVE-2023-5678.patch OBS-URL: https://build.opensuse.org/request/show/1126089 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=78	2023-11-15 09:54:25 +00:00

Author

SHA256

Message

Date

Otto Hollmann

737365e2ce

Accepting request 1126089 from home:ohollmann:branches:security:tls

- Security fix: [bsc#1216922, CVE-2023-5678]
  * Fix excessive time spent in DH check / generation with large Q
    parameter value.
  * Applications that use the functions DH_generate_key() to generate
    an X9.42 DH key may experience long delays. Likewise,
    applications that use DH_check_pub_key(), DH_check_pub_key_ex
    () or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
    DH parameters may experience long delays. Where the key or
    parameters that are being checked have been obtained from an
    untrusted source this may lead to a Denial of Service.
  * Add openssl-CVE-2023-5678.patch

OBS-URL: https://build.opensuse.org/request/show/1126089
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=78

2023-11-15 09:54:25 +00:00

1 Commits