AVG-34

Package lib32-openssl
Status Fixed
Severity Medium
Type denial of service
Affected 1:1.0.2.i-1
Fixed 1:1.0.2.j-1
Current 1:1.1.0.h-1 [multilib]
Ticket None
Created Mon Sep 26 11:20:08 2016
Issue Severity Remote Type Description
CVE-2016-7052 Medium Yes Denial of service
A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL...
Date Advisory Package Description
27 Sep 2016 ASA-201609-28 lib32-openssl denial of service
References
https://www.openssl.org/news/secadv/20160926.txt
Notes
This issue only affects OpenSSL 1.0.2i.