A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libgnutls-dev-dbgsym": "2.12.23-12ubuntu2.6", "libgnutls-openssl27-dbgsym": "2.12.23-12ubuntu2.6", "gnutls26-doc": "2.12.23-12ubuntu2.6", "libgnutls26": "2.12.23-12ubuntu2.6", "libgnutlsxx27": "2.12.23-12ubuntu2.6", "libgnutls26-dbg": "2.12.23-12ubuntu2.6", "libgnutlsxx27-dbgsym": "2.12.23-12ubuntu2.6", "gnutls-bin": "3.0.11+really2.12.23-12ubuntu2.6", "libgnutls26-dbgsym": "2.12.23-12ubuntu2.6", "gnutls-bin-dbgsym": "3.0.11+really2.12.23-12ubuntu2.6", "libgnutls-dev": "2.12.23-12ubuntu2.6", "libgnutls-openssl27": "2.12.23-12ubuntu2.6" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libssl1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.22", "libssl-dev": "1.0.1f-1ubuntu2.22", "libssl1.0.0": "1.0.1f-1ubuntu2.22", "libssl-doc": "1.0.1f-1ubuntu2.22", "libcrypto1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.22", "libssl1.0.0-dbg": "1.0.1f-1ubuntu2.22", "libssl-dev-dbgsym": "1.0.1f-1ubuntu2.22", "openssl": "1.0.1f-1ubuntu2.22", "openssl-dbgsym": "1.0.1f-1ubuntu2.22", "libssl1.0.0-udeb": "1.0.1f-1ubuntu2.22", "libssl1.0.0-dbgsym": "1.0.1f-1ubuntu2.22", "libcrypto1.0.0-udeb": "1.0.1f-1ubuntu2.22" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "gnutls-bin-dbgsym": "3.4.10-4ubuntu1.2", "libgnutls-openssl27-dbgsym": "3.4.10-4ubuntu1.2", "gnutls-doc": "3.4.10-4ubuntu1.2", "libgnutls28-dev": "3.4.10-4ubuntu1.2", "libgnutls-openssl27": "3.4.10-4ubuntu1.2", "guile-gnutls-dbgsym": "3.4.10-4ubuntu1.2", "libgnutlsxx28-dbgsym": "3.4.10-4ubuntu1.2", "libgnutls30": "3.4.10-4ubuntu1.2", "gnutls-bin": "3.4.10-4ubuntu1.2", "guile-gnutls": "3.4.10-4ubuntu1.2", "libgnutls30-dbgsym": "3.4.10-4ubuntu1.2", "libgnutls-dev": "3.4.10-4ubuntu1.2", "libgnutlsxx28": "3.4.10-4ubuntu1.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libssl1.0.0-udeb-dbgsym": "1.0.2g-1ubuntu4.6", "libssl-dev": "1.0.2g-1ubuntu4.6", "libssl1.0.0": "1.0.2g-1ubuntu4.6", "libssl-doc": "1.0.2g-1ubuntu4.6", "libcrypto1.0.0-udeb-dbgsym": "1.0.2g-1ubuntu4.6", "libssl1.0.0-dbg": "1.0.2g-1ubuntu4.6", "libssl-dev-dbgsym": "1.0.2g-1ubuntu4.6", "openssl": "1.0.2g-1ubuntu4.6", "openssl-dbgsym": "1.0.2g-1ubuntu4.6", "libssl1.0.0-udeb": "1.0.2g-1ubuntu4.6", "libssl1.0.0-dbgsym": "1.0.2g-1ubuntu4.6", "libcrypto1.0.0-udeb": "1.0.2g-1ubuntu4.6" } ] }