AVG-33 log
| Package | openssl |
| Status | Fixed |
| Severity | Medium |
| Type | denial of service |
| Affected | 1.0.2.i-1 |
| Fixed | 1.0.2.j-1 |
| Current | 3.6.0-1 [core] |
| Ticket | None |
| Created | Mon Sep 26 11:19:43 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-7052 | Medium | Yes | Denial of service | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 28 Sep 2016 | ASA-201609-30 | openssl | denial of service |
| References |
|---|
https://www.openssl.org/news/secadv/20160926.txt |
| Notes |
|---|
This issue only affects OpenSSL 1.0.2i. |