AVG-155 log
| Package | lib32-openssl |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 1:1.0.2.j-1 |
| Fixed | 1:1.0.2.k-1 |
| Current | 1:3.4.0-1 [multilib] |
| Ticket | None |
| Created | Thu Jan 26 14:22:38 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-3732 | Low | No | Information disclosure | There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and... |
| CVE-2017-3731 | Medium | Yes | Denial of service | If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to... |
| CVE-2016-7055 | Low | Yes | Incorrect calculation | There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 27 Jan 2017 | ASA-201701-36 | lib32-openssl | multiple issues |
| References |
|---|
https://www.openssl.org/news/secadv/20161110.txt https://www.openssl.org/news/secadv/20170126.txt |