CVE-2017-3735 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	A security issue has been found in OpenSSL < 1.1.0g. If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format.

Group	Package	Affected	Fixed	Severity	Status
AVG-480	lib32-openssl-1.0	1.0.2.l-2	1.0.2.n-1	Medium	Fixed
AVG-479	openssl-1.0	1.0.2.l-1	1.0.2.n-1	Medium	Fixed
AVG-478	lib32-openssl	1:1.1.0.f-1	1:1.1.0.g-1	Medium	Fixed
AVG-477	openssl	1.1.0.f-2	1.1.0.g-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
16 Dec 2017	ASA-201712-9	AVG-479	openssl-1.0	Medium	multiple issues
17 Dec 2017	ASA-201712-11	AVG-480	lib32-openssl-1.0	Medium	multiple issues
08 Nov 2017	ASA-201711-15	AVG-478	lib32-openssl	Medium	multiple issues
07 Nov 2017	ASA-201711-14	AVG-477	openssl	Medium	multiple issues

References
https://www.openssl.org/news/vulnerabilities.html#2017-3735 https://www.openssl.org/news/secadv/20170828.txt https://github.com/openssl/openssl/commit/b23171744b01e473ebbfd6edad70c1c3825ffbcd