UBUNTU-CVE-2023-0464

Source
https://ubuntu.com/security/CVE-2023-0464
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-0464.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-0464
Related
Published
2023-03-22T17:15:00Z
Modified
2024-11-20T12:22:18Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or by calling theX509VERIFYPARAMset1policies()' function.

References

Affected packages

Ubuntu:Pro:14.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.1f-1ubuntu2.27+esm7

Affected versions

1.*

1.0.1e-3ubuntu1
1.0.1e-4ubuntu1
1.0.1e-4ubuntu2
1.0.1e-4ubuntu3
1.0.1e-4ubuntu4
1.0.1f-1ubuntu1
1.0.1f-1ubuntu2
1.0.1f-1ubuntu2.1
1.0.1f-1ubuntu2.2
1.0.1f-1ubuntu2.3
1.0.1f-1ubuntu2.4
1.0.1f-1ubuntu2.5
1.0.1f-1ubuntu2.7
1.0.1f-1ubuntu2.8
1.0.1f-1ubuntu2.11
1.0.1f-1ubuntu2.12
1.0.1f-1ubuntu2.15
1.0.1f-1ubuntu2.16
1.0.1f-1ubuntu2.17
1.0.1f-1ubuntu2.18
1.0.1f-1ubuntu2.19
1.0.1f-1ubuntu2.20
1.0.1f-1ubuntu2.21
1.0.1f-1ubuntu2.22
1.0.1f-1ubuntu2.23
1.0.1f-1ubuntu2.24
1.0.1f-1ubuntu2.25
1.0.1f-1ubuntu2.26
1.0.1f-1ubuntu2.27
1.0.1f-1ubuntu2.27+esm1
1.0.1f-1ubuntu2.27+esm2
1.0.1f-1ubuntu2.27+esm3
1.0.1f-1ubuntu2.27+esm4
1.0.1f-1ubuntu2.27+esm5
1.0.1f-1ubuntu2.27+esm6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libcrypto1.0.0-udeb"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libcrypto1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl-dev-dbgsym"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl1.0.0"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl1.0.0-dbg"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl1.0.0-dbgsym"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl1.0.0-udeb"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "libssl1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.0.1f-1ubuntu2.27+esm7",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2g-1ubuntu4.20+esm7

Affected versions

1.*

1.0.2d-0ubuntu1
1.0.2d-0ubuntu2
1.0.2e-1ubuntu1
1.0.2f-2ubuntu1
1.0.2g-1ubuntu2
1.0.2g-1ubuntu3
1.0.2g-1ubuntu4
1.0.2g-1ubuntu4.1
1.0.2g-1ubuntu4.2
1.0.2g-1ubuntu4.4
1.0.2g-1ubuntu4.5
1.0.2g-1ubuntu4.6
1.0.2g-1ubuntu4.8
1.0.2g-1ubuntu4.9
1.0.2g-1ubuntu4.10
1.0.2g-1ubuntu4.11
1.0.2g-1ubuntu4.12
1.0.2g-1ubuntu4.13
1.0.2g-1ubuntu4.14
1.0.2g-1ubuntu4.15
1.0.2g-1ubuntu4.16
1.0.2g-1ubuntu4.17
1.0.2g-1ubuntu4.18
1.0.2g-1ubuntu4.19
1.0.2g-1ubuntu4.20
1.0.2g-1ubuntu4.20+esm1
1.0.2g-1ubuntu4.20+esm2
1.0.2g-1ubuntu4.20+esm3
1.0.2g-1ubuntu4.20+esm4
1.0.2g-1ubuntu4.20+esm5
1.0.2g-1ubuntu4.20+esm6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libcrypto1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libcrypto1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl-dev-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl1.0.0"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl1.0.0-dbg"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl1.0.0-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "libssl1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.20+esm7",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20150106.*

0~20150106.5c2d456b-2

0~20160104.*

0~20160104.c2a892d7-1

0~20160408.*

0~20160408.ffea0a2c-2
0~20160408.ffea0a2c-2ubuntu0.1
0~20160408.ffea0a2c-2ubuntu0.2
0~20160408.ffea0a2c-2ubuntu0.2+esm1
0~20160408.ffea0a2c-2ubuntu0.2+esm3

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:16.04:LTS / nodejs

Package

Name
nodejs
Purl
pkg:deb/ubuntu/nodejs?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.10.25~dfsg2-2ubuntu1

4.*

4.2.2~dfsg-1
4.2.3~dfsg-1
4.2.4~dfsg-1ubuntu1
4.2.4~dfsg-2
4.2.6~dfsg-1ubuntu1
4.2.6~dfsg-1ubuntu4
4.2.6~dfsg-1ubuntu4.1
4.2.6~dfsg-1ubuntu4.2
4.2.6~dfsg-1ubuntu4.2+esm1
4.2.6~dfsg-1ubuntu4.2+esm2
4.2.6~dfsg-1ubuntu4.2+esm3

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:FIPS:16.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips-updates/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2g-1ubuntu4.fips.4.20.7

Affected versions

1.*

1.0.2g-1ubuntu4.fips.4.9.1
1.0.2g-1ubuntu4.fips.4.13.1
1.0.2g-1ubuntu4.fips.4.15.1
1.0.2g-1ubuntu4.fips.4.16.1
1.0.2g-1ubuntu4.fips.4.17.1
1.0.2g-1ubuntu4.fips.4.18.1
1.0.2g-1ubuntu4.fips.4.19.3
1.0.2g-1ubuntu4.fips.4.20.1
1.0.2g-1ubuntu4.fips.4.20.2
1.0.2g-1ubuntu4.fips.4.20.3
1.0.2g-1ubuntu4.fips.4.20.6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libcrypto1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libcrypto1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl-dev-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-dbg"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-hmac"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-hmac-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "libssl1.0.0-udeb-dbgsym"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.0.2g-1ubuntu4.fips.4.20.7",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:FIPS:16.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.2g-1ubuntu4.fips.4.6~ppa1
1.0.2g-1ubuntu4.fips.4.6~ppa2
1.0.2g-1ubuntu4.fips.4.6~ppa3
1.0.2g-1ubuntu4.fips.4.6
1.0.2g-1ubuntu4.fips.4.6.1
1.0.2g-1ubuntu4.fips.4.6.2
1.0.2g-1ubuntu4.fips.4.6.3

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:18.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.1-1ubuntu2.1~18.04.22

Affected versions

1.*

1.0.2g-1ubuntu13
1.0.2g-1ubuntu14
1.0.2n-1ubuntu1
1.1.0g-2ubuntu1
1.1.0g-2ubuntu2
1.1.0g-2ubuntu3
1.1.0g-2ubuntu4
1.1.0g-2ubuntu4.1
1.1.0g-2ubuntu4.3
1.1.1-1ubuntu2.1~18.04.1
1.1.1-1ubuntu2.1~18.04.2
1.1.1-1ubuntu2.1~18.04.3
1.1.1-1ubuntu2.1~18.04.4
1.1.1-1ubuntu2.1~18.04.5
1.1.1-1ubuntu2.1~18.04.6
1.1.1-1ubuntu2.1~18.04.7
1.1.1-1ubuntu2.1~18.04.8
1.1.1-1ubuntu2.1~18.04.9
1.1.1-1ubuntu2.1~18.04.10
1.1.1-1ubuntu2.1~18.04.13
1.1.1-1ubuntu2.1~18.04.14
1.1.1-1ubuntu2.1~18.04.15
1.1.1-1ubuntu2.1~18.04.17
1.1.1-1ubuntu2.1~18.04.19
1.1.1-1ubuntu2.1~18.04.20
1.1.1-1ubuntu2.1~18.04.21

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libcrypto1.1-udeb"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libssl1.1"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libssl1.1-dbgsym"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "libssl1.1-udeb"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.1~18.04.22",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:18.04:LTS / openssl1.0

Package

Name
openssl1.0
Purl
pkg:deb/ubuntu/openssl1.0?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2n-1ubuntu5.12

Affected versions

1.*

1.0.2n-1ubuntu2
1.0.2n-1ubuntu3
1.0.2n-1ubuntu4
1.0.2n-1ubuntu5
1.0.2n-1ubuntu5.1
1.0.2n-1ubuntu5.2
1.0.2n-1ubuntu5.3
1.0.2n-1ubuntu5.4
1.0.2n-1ubuntu5.5
1.0.2n-1ubuntu5.6
1.0.2n-1ubuntu5.7
1.0.2n-1ubuntu5.8
1.0.2n-1ubuntu5.9
1.0.2n-1ubuntu5.10
1.0.2n-1ubuntu5.11

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "libcrypto1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "libssl1.0-dev"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "libssl1.0.0"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "libssl1.0.0-dbgsym"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "libssl1.0.0-udeb"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "openssl1.0"
        },
        {
            "binary_version": "1.0.2n-1ubuntu5.12",
            "binary_name": "openssl1.0-dbgsym"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20170911.*

0~20170911.5dfba97c-1

0~20171010.*

0~20171010.234dbcef-1

0~20171027.*

0~20171027.76fd5a66-1

0~20171205.*

0~20171205.a9212288-1

0~20180105.*

0~20180105.0bc94c74-1

0~20180205.*

0~20180205.c0d9813c-1
0~20180205.c0d9813c-2
0~20180205.c0d9813c-2ubuntu0.1
0~20180205.c0d9813c-2ubuntu0.2
0~20180205.c0d9813c-2ubuntu0.3
0~20180205.c0d9813c-2ubuntu0.3+esm1
0~20180205.c0d9813c-2ubuntu0.3+esm2

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:18.04:LTS / nodejs

Package

Name
nodejs
Purl
pkg:deb/ubuntu/nodejs?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.11.4~dfsg-1ubuntu1
6.11.4~dfsg-1ubuntu2
6.12.0~dfsg-1ubuntu1
6.12.0~dfsg-2ubuntu1
6.12.0~dfsg-2ubuntu2

8.*

8.10.0~dfsg-2
8.10.0~dfsg-2ubuntu0.2
8.10.0~dfsg-2ubuntu0.3
8.10.0~dfsg-2ubuntu0.4
8.10.0~dfsg-2ubuntu0.4+esm1
8.10.0~dfsg-2ubuntu0.4+esm2
8.10.0~dfsg-2ubuntu0.4+esm3
8.10.0~dfsg-2ubuntu0.4+esm4
8.10.0~dfsg-2ubuntu0.4+esm5

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:FIPS-updates:18.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips-updates/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.1-1ubuntu2.fips.2.1~18.04.22

Affected versions

1.*

1.1.1-1ubuntu2.fips.2.1~18.04.5.1
1.1.1-1ubuntu2.fips.2.1~18.04.6.1
1.1.1-1ubuntu2.fips.2.1~18.04.7.1
1.1.1-1ubuntu2.fips.2.1~18.04.9.1
1.1.1-1ubuntu2.fips.2.1~18.04.9.2
1.1.1-1ubuntu2.fips.2.1~18.04.9.3
1.1.1-1ubuntu2.fips.2.1~18.04.13.2
1.1.1-1ubuntu2.fips.2.1~18.04.15
1.1.1-1ubuntu2.fips.2.1~18.04.15.1
1.1.1-1ubuntu2.fips.2.1~18.04.15.2
1.1.1-1ubuntu2.fips.2.1~18.04.17
1.1.1-1ubuntu2.fips.2.1~18.04.20
1.1.1-1ubuntu2.fips.2.1~18.04.21

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libcrypto1.1-udeb"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl1.1"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl1.1-dbgsym"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl1.1-hmac"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "libssl1.1-udeb"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.22",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:FIPS:18.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.1.1-1ubuntu2.fips.2.1~18.04.3.1
1.1.1-1ubuntu2.fips.2.1~18.04.15.2

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:20.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20190606.*

0~20190606.20d2e5a1-2ubuntu1

0~20190828.*

0~20190828.37eef910-3
0~20190828.37eef910-4

0~20191122.*

0~20191122.bd85bf54-1
0~20191122.bd85bf54-1ubuntu1
0~20191122.bd85bf54-2
0~20191122.bd85bf54-2ubuntu1
0~20191122.bd85bf54-2ubuntu2
0~20191122.bd85bf54-2ubuntu3
0~20191122.bd85bf54-2ubuntu3.1
0~20191122.bd85bf54-2ubuntu3.2
0~20191122.bd85bf54-2ubuntu3.3
0~20191122.bd85bf54-2ubuntu3.4
0~20191122.bd85bf54-2ubuntu3.5
0~20191122.bd85bf54-2ubuntu3.6

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:20.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.1f-1ubuntu2.18

Affected versions

1.*

1.1.1c-1ubuntu4
1.1.1d-2ubuntu3
1.1.1d-2ubuntu6
1.1.1f-1ubuntu1
1.1.1f-1ubuntu2
1.1.1f-1ubuntu2.1
1.1.1f-1ubuntu2.2
1.1.1f-1ubuntu2.3
1.1.1f-1ubuntu2.4
1.1.1f-1ubuntu2.5
1.1.1f-1ubuntu2.8
1.1.1f-1ubuntu2.9
1.1.1f-1ubuntu2.10
1.1.1f-1ubuntu2.11
1.1.1f-1ubuntu2.12
1.1.1f-1ubuntu2.13
1.1.1f-1ubuntu2.15
1.1.1f-1ubuntu2.16
1.1.1f-1ubuntu2.17

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libcrypto1.1-udeb"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libssl1.1"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libssl1.1-dbgsym"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "libssl1.1-udeb"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.18",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:FIPS-updates:20.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips-updates/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.1f-1ubuntu2.fips.18

Affected versions

1.*

1.1.1f-1ubuntu2.fips.7
1.1.1f-1ubuntu2.fips.7.2
1.1.1f-1ubuntu2.fips.12
1.1.1f-1ubuntu2.fips.13
1.1.1f-1ubuntu2.fips.13.1
1.1.1f-1ubuntu2.fips.16
1.1.1f-1ubuntu2.fips.17

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libcrypto1.1-udeb"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl1.1"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl1.1-dbgsym"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl1.1-hmac"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "libssl1.1-udeb"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "openssl"
        },
        {
            "binary_version": "1.1.1f-1ubuntu2.fips.18",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:Pro:FIPS:20.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=fips/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.1.1f-1ubuntu2.fips.2.8
1.1.1f-1ubuntu2.fips.7.1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:22.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2021.*

2021.08~rc0-2
2021.08-3
2021.11~rc1-1
2021.11-1
2021.11-2

2022.*

2022.02~rc1-1
2022.02~rc1-1ubuntu1
2022.02-1
2022.02-2
2022.02-3
2022.02-3ubuntu0.22.04.1
2022.02-3ubuntu0.22.04.2
2022.02-3ubuntu0.22.04.3

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:22.04:LTS / nodejs

Package

Name
nodejs
Purl
pkg:deb/ubuntu/nodejs?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

12.*

12.22.5~dfsg-5ubuntu1
12.22.7~dfsg-2ubuntu1
12.22.7~dfsg-2ubuntu3
12.22.9~dfsg-1ubuntu2
12.22.9~dfsg-1ubuntu3
12.22.9~dfsg-1ubuntu3.1
12.22.9~dfsg-1ubuntu3.2
12.22.9~dfsg-1ubuntu3.3
12.22.9~dfsg-1ubuntu3.4
12.22.9~dfsg-1ubuntu3.5
12.22.9~dfsg-1ubuntu3.6

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:22.04:LTS / openssl

Package

Name
openssl
Purl
pkg:deb/ubuntu/openssl?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.2-0ubuntu1.9

Affected versions

1.*

1.1.1l-1ubuntu1

3.*

3.0.0-1ubuntu1
3.0.1-0ubuntu1
3.0.2-0ubuntu1
3.0.2-0ubuntu1.1
3.0.2-0ubuntu1.2
3.0.2-0ubuntu1.4
3.0.2-0ubuntu1.5
3.0.2-0ubuntu1.6
3.0.2-0ubuntu1.7
3.0.2-0ubuntu1.8

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "libssl-dev"
        },
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "libssl-doc"
        },
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "libssl3"
        },
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "libssl3-dbgsym"
        },
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "openssl"
        },
        {
            "binary_version": "3.0.2-0ubuntu1.9",
            "binary_name": "openssl-dbgsym"
        }
    ]
}

Ubuntu:24.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2023.11-5

Affected versions

2023.*

2023.05-2
2023.11-2
2023.11-3
2023.11-4

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "2023.11-5",
            "binary_name": "efi-shell-aa64"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "efi-shell-arm"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "efi-shell-ia32"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "efi-shell-riscv64"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "efi-shell-x64"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "ovmf"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "ovmf-ia32"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "qemu-efi-aarch64"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "qemu-efi-arm"
        },
        {
            "binary_version": "2023.11-5",
            "binary_name": "qemu-efi-riscv64"
        }
    ]
}