AVG-155

Package lib32-openssl
Status Fixed
Severity Medium
Type multiple issues
Affected 1:1.0.2.j-1
Fixed 1:1.0.2.k-1
Current 1:1.1.0.h-1 [multilib]
Ticket None
Created Thu Jan 26 14:22:38 2017
Issue Severity Remote Type Description
CVE-2017-3732 Low No Information disclosure
There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and...
CVE-2017-3731 Medium Yes Denial of service
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to...
CVE-2016-7055 Low Yes Incorrect calculation
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256...
Date Advisory Package Description
27 Jan 2017 ASA-201701-36 lib32-openssl multiple issues
References
https://www.openssl.org/news/secadv/20161110.txt
https://www.openssl.org/news/secadv/20170126.txt