Request 1126788: Submit openssl-1_0_0 - openSUSE Build Service

Overview

Request 1126788 accepted

- Security fix: [bsc#1216922, CVE-2023-5678]
* Fix excessive time spent in DH check / generation with large Q
parameter value.
* Applications that use the functions DH_generate_key() to generate
an X9.42 DH key may experience long delays. Likewise,
applications that use DH_check_pub_key(), DH_check_pub_key_ex
() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
DH parameters may experience long delays. Where the key or
parameters that are being checked have been obtained from an
untrusted source this may lead to a Denial of Service.
* Add openssl-CVE-2023-5678.patch

Created by ohollmann almost 1 year ago
In state accepted

Submit openssl-1_0_0

Comments for request 1126788 0

Login required, please login in order to comment

Request History

ohollmann created request almost 1 year ago

- Security fix: [bsc#1216922, CVE-2023-5678]
* Fix excessive time spent in DH check / generation with large Q
parameter value.
* Applications that use the functions DH_generate_key() to generate
an X9.42 DH key may experience long delays. Likewise,
applications that use DH_check_pub_key(), DH_check_pub_key_ex
() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
DH parameters may experience long delays. Where the key or
parameters that are being checked have been obtained from an
untrusted source this may lead to a Denial of Service.
* Add openssl-CVE-2023-5678.patch

staging-bot added openSUSE:Factory:Staging:adi:13 as a reviewer almost 1 year ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:13"

staging-bot accepted review almost 1 year ago

Picked "openSUSE:Factory:Staging:adi:13"

factory-auto added opensuse-review-team as a reviewer almost 1 year ago

Please review sources

factory-auto accepted review almost 1 year ago

Check script succeeded

licensedigger accepted review almost 1 year ago

ok

dimstar accepted review almost 1 year ago

anag+factory accepted review almost 1 year ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

anag+factory approved review almost 1 year ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

anag+factory accepted request almost 1 year ago

Staging Project openSUSE:Factory:Staging:adi:13 got accepted.

openSUSE Build Service is sponsored by