AVG-34 log
| Package | lib32-openssl |
| Status | Fixed |
| Severity | Medium |
| Type | denial of service |
| Affected | 1:1.0.2.i-1 |
| Fixed | 1:1.0.2.j-1 |
| Current | 1:3.4.0-1 [multilib] |
| Ticket | None |
| Created | Mon Sep 26 11:20:08 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-7052 | Medium | Yes | Denial of service | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 27 Sep 2016 | ASA-201609-28 | lib32-openssl | denial of service |
| References |
|---|
https://www.openssl.org/news/secadv/20160926.txt |
| Notes |
|---|
This issue only affects OpenSSL 1.0.2i. |