Displaying 1 result from an estimated 1 matches for "cms_decrypt_set1_pkey".
2019 Oct 02
1
Unable to connect/authenticate after Debian SSL update
Just applied Debian SSL updates, due to vulnerabilities reported:
"Package : openssl
CVE ID : CVE-2019-1547 CVE-2019-1549 CVE-2019-1563
Three security issues were discovered in OpenSSL: A timing attack
against
ECDSA, a padding oracle in PKCS7_dataDecode() and
CMS_decrypt_set1_pkey()
and it was discovered that a feature of the random number generator
(RNG)
intended to protect against shared RNG state between parent and child
processes in the event of a fork() syscall was not used by default.
For the oldstable distribution (stretch), these problems have been fixed
in version...