-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2492-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 14, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : openssl Version : 1.1.0l-1~deb9u2 CVE ID : CVE-2020-1971 David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function which could cause a NULL dereference, resulting in denial of service. For Debian 9 stretch, this problem has been fixed in version 1.1.0l-1~deb9u2. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl/XKcIACgkQnUbEiOQ2 gwLSzQ/9E5zulPuTtiJy9a8wFLV7MqUjYlDEK1UM5CLh3nS2xRhe45pL1jdVkPoa SOSY262SO3tsGtrf+py4u/wYLK/JHL85g4vZFqCId+BLAa2HhoGAIR++x+tSq9A5 k7LLWfvfFiCgPLsbOLiZlUe2sgUFl3UjW3tJ4tjP02Cj0gjlEQpOG5qbul/lThCP GBOhsO55lljyrY+bBmWIlpF/PNzXxu5b/4dYetlTG0ZklS1RO46sHmLkrZst+Lab B30c9mKKOd9sCoaNA7rMMgbJP8vJOmZGdOyJxLjVKo1z6BcEXYjhyYt9LamtWImt 8+9v0QKLUWQNW76u2cy9itd5sqA5rqUfzkv9zBix6bJswytNVCU45KLvQ7Y4M9Qq xF2LKzMPNbrv1gK5KTwVjamLa3nXPvtKGM6ZvopONwVyFgiBNXzGsLmd7v9u2YRU qqbFPt7Elzc/MDQSSM+dROWJfATjALDBh1g7pEeNqQRtK/ZRAkZdMO4YG38rG43L 8rmozg3XKzHASCCVO561kGtbyjFHjgCAmlPVJqu+0mwTM0W/mI09qSsUCSSYkvct 7HMHsTO7UwHEuTGTs2qNWoC1z78MB0P/Wrwdt7do7bBv/Epm4a6rz3N/QR/qeIIt NS3ihsh8hxBeh+Xo/Yf3J1B1pkWc44ZC6inf/gKR5ihj55cCKyc= =vciH -----END PGP SIGNATURE-----
