USN-5051-3

Details

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS.

Original advisory details:

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712)

Affected Packages

openssl1.0

Ubuntu 18.04 LTS

Fixed in:

1.0.2n-1ubuntu5.7

References

REPORT

https://ubuntu.com/security/CVE-2021-3712

ADVISORY

https://ubuntu.com/security/notices/USN-5051-3