AVG-154 log

Package	openssl
Status	Fixed
Severity	Medium
Type	multiple issues
Affected	1.0.2.j-1
Fixed	1.0.2.k-1
Current	3.2.1-1 [core]
Ticket	None
Created	Thu Jan 26 14:22:06 2017

Issue	Severity	Remote	Type	Description
CVE-2017-3732	Low	No	Information disclosure	There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and...
CVE-2017-3731	Medium	Yes	Denial of service	If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to...
CVE-2016-7055	Low	Yes	Incorrect calculation	There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256...

Issue

Severity

Remote

Type

Description

CVE-2017-3732

Low

Information disclosure

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and...

CVE-2017-3731

Medium

Yes

Denial of service

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to...

CVE-2016-7055

Low

Yes

Incorrect calculation

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256...

Date	Advisory	Package	Type
28 Jan 2017	ASA-201701-37	openssl	multiple issues

References
https://www.openssl.org/news/secadv/20161110.txt https://www.openssl.org/news/secadv/20170126.txt