dev-libs/

openssl

Security Bug Reports

• <dev-libs/openssl-{3.1.8, 3.2.4, 3.3.3}: RFC7250 handshakes with unauthenticated servers don't abort as expected

  949620 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.0.15-r1, 3.1.7-r1, 3.2.3-r1, 3.3.2-r1}: Low-level invalid GF(2^m) parameters lead to OOB memory access

  941643 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.0.15, 3.1.7, 3.2.3, 3.3.2}: denial of service

  939110 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.0.13, 3.1.5, 3.2.1}: multiple vulnerabilities

  921684 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.0.14, 3.1.6, 3.2.2}: Checking excessively long DSA keys or parameters may be very slow

  932317 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.1.8, 3.2.4, 3.3.3}: Timing side-channel in ECDSA signature computation

  948515 - Assigned to Gentoo Security
• <dev-libs/openssl-{3.0.13-r1, 3.1.5-r2, 3.2.1-r2}: Unbounded memory growth with session handling in TLSv1.3

  930047 - Assigned to Gentoo Security