USN-5051-3

Source
https://ubuntu.com/security/notices/USN-5051-3
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5051-3.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5051-3
Related
Published
2021-08-26T12:53:57.994955Z
Modified
2021-08-26T12:53:57.994955Z
Summary
openssl1.0 vulnerability
Details

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS.

Original advisory details:

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712)

References

Affected packages

Ubuntu:18.04:LTS / openssl1.0

Package

Name
openssl1.0
Purl
pkg:deb/ubuntu/openssl1.0?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2n-1ubuntu5.7

Affected versions

1.*

1.0.2n-1ubuntu2
1.0.2n-1ubuntu3
1.0.2n-1ubuntu4
1.0.2n-1ubuntu5
1.0.2n-1ubuntu5.1
1.0.2n-1ubuntu5.2
1.0.2n-1ubuntu5.3
1.0.2n-1ubuntu5.4
1.0.2n-1ubuntu5.5
1.0.2n-1ubuntu5.6

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "libcrypto1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "libssl1.0-dev"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "libssl1.0.0"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "libssl1.0.0-dbgsym"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "libssl1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "openssl1.0"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.7",
            "binary_name": "openssl1.0-dbgsym"
        }
    ]
}