OESA-2023-1912

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1912

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1912.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2023-1912

Upstream

CVE-2022-37026

Published

2023-12-15T11:06:28Z

Modified

2025-09-03T06:18:22.856448Z

Summary

erlang security update

Details

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson.

Security Fix(es):

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.(CVE-2022-37026)

Database specific

{
    "severity": "Critical"
}

References

Affected packages

openEuler:22.03-LTS / erlang

Package

Name: erlang
Purl: pkg:rpm/openEuler/erlang&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

23.3.4.9-3.oe2203

Ecosystem specific

{
    "x86_64": [
        "erlang-kernel-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-observer-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-odbc-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-common_test-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-debugger-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-asn1-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-runtime_tools-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-dialyzer-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-crypto-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-parsetools-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-tools-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-et-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-compiler-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-sasl-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-debugsource-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-mnesia-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-os_mon-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-examples-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-megaco-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-public_key-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-ssh-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-jinterface-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-diameter-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-wx-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-erl_interface-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-hipe-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-eldap-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-eunit-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-syntax_tools-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-tftp-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-snmp-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-ssl-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-stdlib-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-inets-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-debuginfo-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-xmerl-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-erts-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-edoc-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-reltool-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-ftp-23.3.4.9-3.oe2203.x86_64.rpm",
        "erlang-erl_docgen-23.3.4.9-3.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "erlang-parsetools-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-public_key-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-debugsource-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-os_mon-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-ftp-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-xmerl-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-debugger-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-ssl-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-runtime_tools-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-observer-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-crypto-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-dialyzer-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-wx-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-stdlib-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-et-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-eunit-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-eldap-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-tools-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-tftp-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-megaco-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-jinterface-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-erl_interface-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-diameter-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-ssh-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-reltool-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-kernel-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-erl_docgen-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-compiler-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-mnesia-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-odbc-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-hipe-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-sasl-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-inets-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-examples-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-edoc-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-snmp-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-common_test-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-asn1-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-debuginfo-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-syntax_tools-23.3.4.9-3.oe2203.aarch64.rpm",
        "erlang-erts-23.3.4.9-3.oe2203.aarch64.rpm"
    ],
    "src": [
        "erlang-23.3.4.9-3.oe2203.src.rpm"
    ]
}