thr3ads.net - CentOS - [CentOS] [Openssl]incorrect CVE mentioned in openssl changelog [Apr 2022]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Akshar Kanak

2022-Apr-08 12:53 UTC

[CentOS] [Openssl]incorrect CVE mentioned in openssl changelog

Dear team
      in latest openssl openssl-1.0.2k-25.el7_9.x86_64 , looks like there
is an issue with change logs .
      rpm -qi --changelog openssl-1.0.2k-25.el7_9.x86_64 shows me
 "
 * Wed Mar 23 2022 Dmitry Belyavskiy <dbelyavs at redhat.com> -
1:1.0.2k-25
- Fixes CVE-2022-2078 Infinite loop in BN_mod_sqrt() reachable when parsing
certificates
- Related: rhbz#2067160
"
The CVE number should be CVE-2022-0778 . Right ?
reference : https://bugzilla.redhat.com/show_bug.cgi?id=2062202

Thanks and regards
Akshar

CentOS - Apr 2022 - [Openssl]incorrect CVE mentioned in openssl changelog

[CentOS] [Openssl]incorrect CVE mentioned in openssl changelog