First published: Tue Feb 27 2024(Updated: )
As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS#1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libssl-doc | <3.0.10-1ubuntu2.3 | 3.0.10-1ubuntu2.3 |
Ubuntu Ubuntu | =23.10 | |
All of | ||
ubuntu/libssl3 | <3.0.10-1ubuntu2.3 | 3.0.10-1ubuntu2.3 |
Ubuntu Ubuntu | =23.10 | |
All of | ||
ubuntu/openssl | <3.0.10-1ubuntu2.3 | 3.0.10-1ubuntu2.3 |
Ubuntu Ubuntu | =23.10 | |
All of | ||
ubuntu/libssl-doc | <3.0.2-0ubuntu1.15 | 3.0.2-0ubuntu1.15 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libssl3 | <3.0.2-0ubuntu1.15 | 3.0.2-0ubuntu1.15 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/openssl | <3.0.2-0ubuntu1.15 | 3.0.2-0ubuntu1.15 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libssl-doc | <1.1.1f-1ubuntu2.22 | 1.1.1f-1ubuntu2.22 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/libssl1.1 | <1.1.1f-1ubuntu2.22 | 1.1.1f-1ubuntu2.22 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/openssl | <1.1.1f-1ubuntu2.22 | 1.1.1f-1ubuntu2.22 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/libssl-doc | <1.1.1-1ubuntu2.1~18.04.23+esm5 | 1.1.1-1ubuntu2.1~18.04.23+esm5 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/libssl1.1 | <1.1.1-1ubuntu2.1~18.04.23+esm5 | 1.1.1-1ubuntu2.1~18.04.23+esm5 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/openssl | <1.1.1-1ubuntu2.1~18.04.23+esm5 | 1.1.1-1ubuntu2.1~18.04.23+esm5 |
Ubuntu Ubuntu | =18.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.