[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#64991] [PATCH 0/1] OpenSSL 1.1: Fix 8 CVEs (max score: 7.5 high, 68
From: |
Denis 'GNUtoo' Carikli |
Subject: |
[bug#64991] [PATCH 0/1] OpenSSL 1.1: Fix 8 CVEs (max score: 7.5 high, 6850 dependent packages) |
Date: |
Tue, 1 Aug 2023 15:45:37 +0200 |
The patch that will follow updates OpenSSL 1.1 to the last version to fix the
following CVEs:
* CVE-2023-0215 [1]
* CVE-2023-0286 [2]
* CVE-2023-0464 [3]
* CVE-2023-0465 [4]
* CVE-2023-0466 [5]
* CVE-2023-2650 [6]
* CVE-2022-4304 [7]
* CVE-2022-4450 [8]
[1]https://nvd.nist.gov/vuln/detail/CVE-2023-0215
[2]https://nvd.nist.gov/vuln/detail/CVE-2023-0286
[3]https://nvd.nist.gov/vuln/detail/CVE-2023-0464
[4]https://nvd.nist.gov/vuln/detail/CVE-2023-0465
[5]https://nvd.nist.gov/vuln/detail/CVE-2023-0466
[6]https://nvd.nist.gov/vuln/detail/CVE-2023-2650
[7]https://nvd.nist.gov/vuln/detail/CVE-2022-4304
[8]https://nvd.nist.gov/vuln/detail/CVE-2022-4450
While OpenSSL builds fine and that all its test pass on x86_64, it also has a
significant number of reverse dependencies (about 6850, so more than 300) that
need to be rebuilt.
Denis 'GNUtoo' Carikli (1):
gnu: openssl-1.1: Update to 1.1.1u [security fixes].
gnu/packages/tls.scm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
base-commit: 39fbc041f92489ec30075a85937c8a38723752dc
--
2.41.0
- [bug#64991] [PATCH 0/1] OpenSSL 1.1: Fix 8 CVEs (max score: 7.5 high, 6850 dependent packages),
Denis 'GNUtoo' Carikli <=