In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1g:* OpenSSL library 1.1.1g has been replaced with version 1.1.1l.In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerability resolved by version 1.1.1i: Incorrect behavior of the GENERAL_NAME_cmp function (CVE-2020-1971).* OpenSSL library 1.1.1i has been replaced with version 1.1.1l.Integer overflow in CipherUpdate (CVE-2021-23840).NULL pointer deref in signature_algorithms processing (CVE-2021-3449).CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450).In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1k:* OpenSSL library 1.1.1k has been replaced with version 1.1.1l.Read buffer overruns processing ASN.1 strings (CVE-2021-3712).SM2 Decryption Buffer Overflow (CVE-2021-3711).In addition to fixing multiple new vulnerabilities, version 1.1.1n also addresses the vulnerabilities resolved by version 1.1.1l:* OpenSSL library 1.1.1l has been replaced with version 1.1.1n.For more information on the vulnerabilities resolved by this enhancement, refer to. The curl library files that are installed with the product have been upgraded to version 7.75.0, which fixes a number of potential security vulnerabilities.This upgrade is available starting in build of the curl library files. The curl library files that are installed with the product have been upgraded to version 7.80.0, which fixes a number of potential security vulnerabilities.Refer to the corresponding OpenSSL announcements at For more information on the installed library files, refer to the readme.įor more information on the OpenSSL vulnerabilities resolved by this upgrade, Version 1.1.1n also addresses vulnerabilities resolved by earlier versions of the library. BN_mod_exp may produce incorrect results on MIPS (CVE-2021-4160).
0 Comments
Leave a Reply. |