[SECURITY] [DLA 2766-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2766-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
September 27, 2021 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : openssl
Version : 1.1.0l-1~deb9u4
CVE ID : CVE-2021-3712
An issue has been found in openssl, a Secure Sockets Layer toolkit.
Ingo Schwarze reported a buffer overrun flaw when processing ASN.1
strings, which can result in denial of service.
For Debian 9 stretch, this problem has been fixed in version
1.1.0l-1~deb9u4.
We recommend that you upgrade your openssl packages.
For the detailed security status of openssl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openssl
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmFQ7kVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdaNQ/+ILDOzjfPJTwsfWL/DZq7gPk/8AK6Li87vBOUCpFsR5vQm8Gf2nf/zyNS
FteOM3pYxqhgcb+Zhbk97BvWwyxP6gx2a7VrWtqcVqUqtdSXPn1RFusnQLov1exg
lvLNxYAys6yq5ETPjuBYFIeTLbvDQ1jll+XlBEL7REoZ7d79EK9kG/DMD+jtECL9
+P4k3ogiK9BV6yFx6RcV3dFsawBJDUwLEOHze46KpwGasUdPW5ZtNHPlFlTCnw/u
LvgbgawO7tZgJMwO8Rr77yMpZioVd2K+/C9Y3zV5ffr2rY2g+2l/nlyTd/YUSSDA
jyYkote66Q8s9KFeIGHD+igX+bpys1/1JAw8ebHatZwrZ7FJRMPhBuiutFH+ydVB
bmCJR5R0/S7XRrqhyR6WP+z8b4ZB7HlfruFpU2z8vjBb5KzRb9FLLcRNvshkguTJ
VergsspBdfLh/gZEqng7c2dsflpVmsFnlegRPtlEEmTwH309bDUWICu5XkmuYvbz
gG48lq2yTV2o0KGNOAVQhtqVUV9GF46RZa3sfO9/Ks/Buvq9c+4hzwAgp7dbl7/j
rIy+24iaP6jL077Oq7IVqmu3ZGVnaLSiPNm9AUd6LQCI3yQJJoXG1DQ/fHAzZmBE
Wlen90uWvSzyShzJndfdzsQ0/b5/OTDFvoTxYOYSKxYwTO5eHps=
=7z7o
-----END PGP SIGNATURE-----
Reply to: