AVG-1736 log
| Package | openssl |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 1.1.1.j-1 |
| Fixed | 1.1.1.k-1 |
| Current | 3.6.0-1 [core] |
| Ticket | None |
| Created | Thu Mar 25 14:32:05 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-3450 | High | Yes | Certificate verification bypass | The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting... |
| CVE-2021-3449 | High | Yes | Denial of service | An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 25 Mar 2021 | ASA-202103-10 | openssl | multiple issues |