Tiny Core Linux

Tiny Core Extensions => TCE Talk => Topic started by: nick65go on February 18, 2021, 05:02:07 AM

Title: OpenSSL Security Advisory [16 February 2021]
Post by: nick65go on February 18, 2021, 05:02:07 AM

https://www.openssl.org/news/secadv/20210216.txt

Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j.

Title: Re: OpenSSL Security Advisory [16 February 2021]
Post by: Juanito on February 18, 2021, 06:49:16 AM

updated in the 12.x x86 and x86_64 repos

Title: Re: OpenSSL Security Advisory [16 February 2021]
Post by: bmarkus on February 18, 2021, 07:34:47 AM

piCore-12/13 on 1.1.1 already.

Title: Re: OpenSSL Security Advisory [16 February 2021]
Post by: Juanito on February 18, 2021, 07:51:21 AM

I think the issue was an update to 1.1.1j?

Title: Re: OpenSSL Security Advisory [16 February 2021]
Post by: bmarkus on February 18, 2021, 10:35:14 AM

Quote from: Juanito on February 18, 2021, 07:51:21 AM

I think the issue was an update to 1.1.1j?

Right, I will update 1.1.g, thanks.

Title: Re: OpenSSL Security Advisory [16 February 2021]
Post by: nick65go on February 19, 2021, 10:55:22 AM

Thank you Juanito! Your quick remedy is well appreciated.