UBUNTU-CVE-2023-0466
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2023-0466
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-0466.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-0466
- Related
- Published
- 2023-03-28T15:15:00Z
- Modified
- 2023-03-28T15:15:00Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The function X509VERIFYPARAMadd0policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509VERIFYPARAMadd0policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509VERIFYPARAMset1policies() or explicitly enable the policy check by calling X509VERIFYPARAMsetflags() with the X509VFLAGPOLICYCHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm7?arch=src?distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.0.1f-1ubuntu2.27+esm7
Affected versions
1.*
1.0.1e-3ubuntu1
1.0.1e-4ubuntu1
1.0.1e-4ubuntu2
1.0.1e-4ubuntu3
1.0.1e-4ubuntu4
1.0.1f-1ubuntu1
1.0.1f-1ubuntu2
1.0.1f-1ubuntu2.1
1.0.1f-1ubuntu2.2
1.0.1f-1ubuntu2.3
1.0.1f-1ubuntu2.4
1.0.1f-1ubuntu2.5
1.0.1f-1ubuntu2.7
1.0.1f-1ubuntu2.8
1.0.1f-1ubuntu2.11
1.0.1f-1ubuntu2.12
1.0.1f-1ubuntu2.15
1.0.1f-1ubuntu2.16
1.0.1f-1ubuntu2.17
1.0.1f-1ubuntu2.18
1.0.1f-1ubuntu2.19
1.0.1f-1ubuntu2.20
1.0.1f-1ubuntu2.21
1.0.1f-1ubuntu2.22
1.0.1f-1ubuntu2.23
1.0.1f-1ubuntu2.24
1.0.1f-1ubuntu2.25
1.0.1f-1ubuntu2.26
1.0.1f-1ubuntu2.27
1.0.1f-1ubuntu2.27+esm1
1.0.1f-1ubuntu2.27+esm2
1.0.1f-1ubuntu2.27+esm3
1.0.1f-1ubuntu2.27+esm4
1.0.1f-1ubuntu2.27+esm5
1.0.1f-1ubuntu2.27+esm6
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.27+esm7",
"libssl-dev": "1.0.1f-1ubuntu2.27+esm7",
"libssl1.0.0": "1.0.1f-1ubuntu2.27+esm7",
"libssl-doc": "1.0.1f-1ubuntu2.27+esm7",
"libcrypto1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.27+esm7",
"libssl1.0.0-dbg": "1.0.1f-1ubuntu2.27+esm7",
"libssl-dev-dbgsym": "1.0.1f-1ubuntu2.27+esm7",
"openssl": "1.0.1f-1ubuntu2.27+esm7",
"openssl-dbgsym": "1.0.1f-1ubuntu2.27+esm7",
"libssl1.0.0-udeb": "1.0.1f-1ubuntu2.27+esm7",
"libssl1.0.0-dbgsym": "1.0.1f-1ubuntu2.27+esm7",
"libcrypto1.0.0-udeb": "1.0.1f-1ubuntu2.27+esm7"
}
]
}
Ubuntu:Pro:16.04:LTS / openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm7?arch=src?distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.0.2g-1ubuntu4.20+esm7
Affected versions
1.*
1.0.2d-0ubuntu1
1.0.2d-0ubuntu2
1.0.2e-1ubuntu1
1.0.2f-2ubuntu1
1.0.2g-1ubuntu2
1.0.2g-1ubuntu3
1.0.2g-1ubuntu4
1.0.2g-1ubuntu4.1
1.0.2g-1ubuntu4.2
1.0.2g-1ubuntu4.4
1.0.2g-1ubuntu4.5
1.0.2g-1ubuntu4.6
1.0.2g-1ubuntu4.8
1.0.2g-1ubuntu4.9
1.0.2g-1ubuntu4.10
1.0.2g-1ubuntu4.11
1.0.2g-1ubuntu4.12
1.0.2g-1ubuntu4.13
1.0.2g-1ubuntu4.14
1.0.2g-1ubuntu4.15
1.0.2g-1ubuntu4.16
1.0.2g-1ubuntu4.17
1.0.2g-1ubuntu4.18
1.0.2g-1ubuntu4.19
1.0.2g-1ubuntu4.20
1.0.2g-1ubuntu4.20+esm1
1.0.2g-1ubuntu4.20+esm2
1.0.2g-1ubuntu4.20+esm3
1.0.2g-1ubuntu4.20+esm4
1.0.2g-1ubuntu4.20+esm5
1.0.2g-1ubuntu4.20+esm6
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl1.0.0-udeb-dbgsym": "1.0.2g-1ubuntu4.20+esm7",
"libssl-dev": "1.0.2g-1ubuntu4.20+esm7",
"libssl1.0.0": "1.0.2g-1ubuntu4.20+esm7",
"libssl-doc": "1.0.2g-1ubuntu4.20+esm7",
"libcrypto1.0.0-udeb-dbgsym": "1.0.2g-1ubuntu4.20+esm7",
"libssl1.0.0-dbg": "1.0.2g-1ubuntu4.20+esm7",
"libssl-dev-dbgsym": "1.0.2g-1ubuntu4.20+esm7",
"openssl": "1.0.2g-1ubuntu4.20+esm7",
"openssl-dbgsym": "1.0.2g-1ubuntu4.20+esm7",
"libssl1.0.0-udeb": "1.0.2g-1ubuntu4.20+esm7",
"libssl1.0.0-dbgsym": "1.0.2g-1ubuntu4.20+esm7",
"libcrypto1.0.0-udeb": "1.0.2g-1ubuntu4.20+esm7"
}
]
}
Ubuntu:Pro:16.04:LTS / edk2
Package
- Name
- edk2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:16.04:LTS / nodejs
Package
- Name
- nodejs
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:18.04:LTS / openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.22?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1-1ubuntu2.1~18.04.22
Affected versions
1.*
1.0.2g-1ubuntu13
1.0.2g-1ubuntu14
1.0.2n-1ubuntu1
1.1.0g-2ubuntu1
1.1.0g-2ubuntu2
1.1.0g-2ubuntu3
1.1.0g-2ubuntu4
1.1.0g-2ubuntu4.1
1.1.0g-2ubuntu4.3
1.1.1-1ubuntu2.1~18.04.1
1.1.1-1ubuntu2.1~18.04.2
1.1.1-1ubuntu2.1~18.04.3
1.1.1-1ubuntu2.1~18.04.4
1.1.1-1ubuntu2.1~18.04.5
1.1.1-1ubuntu2.1~18.04.6
1.1.1-1ubuntu2.1~18.04.7
1.1.1-1ubuntu2.1~18.04.8
1.1.1-1ubuntu2.1~18.04.9
1.1.1-1ubuntu2.1~18.04.10
1.1.1-1ubuntu2.1~18.04.13
1.1.1-1ubuntu2.1~18.04.14
1.1.1-1ubuntu2.1~18.04.15
1.1.1-1ubuntu2.1~18.04.17
1.1.1-1ubuntu2.1~18.04.19
1.1.1-1ubuntu2.1~18.04.20
1.1.1-1ubuntu2.1~18.04.21
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl-doc": "1.1.1-1ubuntu2.1~18.04.22",
"libssl-dev": "1.1.1-1ubuntu2.1~18.04.22",
"libssl1.1-dbgsym": "1.1.1-1ubuntu2.1~18.04.22",
"libssl1.1-udeb": "1.1.1-1ubuntu2.1~18.04.22",
"libssl1.1": "1.1.1-1ubuntu2.1~18.04.22",
"openssl-dbgsym": "1.1.1-1ubuntu2.1~18.04.22",
"libcrypto1.1-udeb": "1.1.1-1ubuntu2.1~18.04.22",
"openssl": "1.1.1-1ubuntu2.1~18.04.22"
}
]
}
Ubuntu:18.04:LTS / openssl1.0
Package
- Name
- openssl1.0
- Purl
- pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.12?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.0.2n-1ubuntu5.12
Affected versions
1.*
1.0.2n-1ubuntu2
1.0.2n-1ubuntu3
1.0.2n-1ubuntu4
1.0.2n-1ubuntu5
1.0.2n-1ubuntu5.1
1.0.2n-1ubuntu5.2
1.0.2n-1ubuntu5.3
1.0.2n-1ubuntu5.4
1.0.2n-1ubuntu5.5
1.0.2n-1ubuntu5.6
1.0.2n-1ubuntu5.7
1.0.2n-1ubuntu5.8
1.0.2n-1ubuntu5.9
1.0.2n-1ubuntu5.10
1.0.2n-1ubuntu5.11
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl1.0.0-dbgsym": "1.0.2n-1ubuntu5.12",
"libssl1.0-dev": "1.0.2n-1ubuntu5.12",
"openssl1.0": "1.0.2n-1ubuntu5.12",
"openssl1.0-dbgsym": "1.0.2n-1ubuntu5.12",
"libssl1.0.0-udeb": "1.0.2n-1ubuntu5.12",
"libssl1.0.0": "1.0.2n-1ubuntu5.12",
"libcrypto1.0.0-udeb": "1.0.2n-1ubuntu5.12"
}
]
}
Ubuntu:Pro:18.04:LTS / edk2
Package
- Name
- edk2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0~20170911.*
0~20170911.5dfba97c-1
0~20171010.*
0~20171010.234dbcef-1
0~20171027.*
0~20171027.76fd5a66-1
0~20171205.*
0~20171205.a9212288-1
0~20180105.*
0~20180105.0bc94c74-1
0~20180205.*
0~20180205.c0d9813c-1
0~20180205.c0d9813c-2
0~20180205.c0d9813c-2ubuntu0.1
0~20180205.c0d9813c-2ubuntu0.2
0~20180205.c0d9813c-2ubuntu0.3
0~20180205.c0d9813c-2ubuntu0.3+esm1
Ubuntu:Pro:18.04:LTS / nodejs
Package
- Name
- nodejs
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.11.4~dfsg-1ubuntu1
6.11.4~dfsg-1ubuntu2
6.12.0~dfsg-1ubuntu1
6.12.0~dfsg-2ubuntu1
6.12.0~dfsg-2ubuntu2
8.*
8.10.0~dfsg-2
8.10.0~dfsg-2ubuntu0.2
8.10.0~dfsg-2ubuntu0.3
8.10.0~dfsg-2ubuntu0.4
8.10.0~dfsg-2ubuntu0.4+esm1
8.10.0~dfsg-2ubuntu0.4+esm2
8.10.0~dfsg-2ubuntu0.4+esm3
8.10.0~dfsg-2ubuntu0.4+esm4
8.10.0~dfsg-2ubuntu0.4+esm5
Ubuntu:20.04:LTS / edk2
Package
- Name
- edk2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0~20190606.*
0~20190606.20d2e5a1-2ubuntu1
0~20190828.*
0~20190828.37eef910-3
0~20190828.37eef910-4
0~20191122.*
0~20191122.bd85bf54-1
0~20191122.bd85bf54-1ubuntu1
0~20191122.bd85bf54-2
0~20191122.bd85bf54-2ubuntu1
0~20191122.bd85bf54-2ubuntu2
0~20191122.bd85bf54-2ubuntu3
0~20191122.bd85bf54-2ubuntu3.1
0~20191122.bd85bf54-2ubuntu3.2
0~20191122.bd85bf54-2ubuntu3.3
0~20191122.bd85bf54-2ubuntu3.4
0~20191122.bd85bf54-2ubuntu3.5
Ubuntu:20.04:LTS / openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.18?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1f-1ubuntu2.18
Affected versions
1.*
1.1.1c-1ubuntu4
1.1.1d-2ubuntu3
1.1.1d-2ubuntu6
1.1.1f-1ubuntu1
1.1.1f-1ubuntu2
1.1.1f-1ubuntu2.1
1.1.1f-1ubuntu2.2
1.1.1f-1ubuntu2.3
1.1.1f-1ubuntu2.4
1.1.1f-1ubuntu2.5
1.1.1f-1ubuntu2.8
1.1.1f-1ubuntu2.9
1.1.1f-1ubuntu2.10
1.1.1f-1ubuntu2.11
1.1.1f-1ubuntu2.12
1.1.1f-1ubuntu2.13
1.1.1f-1ubuntu2.15
1.1.1f-1ubuntu2.16
1.1.1f-1ubuntu2.17
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl-doc": "1.1.1f-1ubuntu2.18",
"libssl-dev": "1.1.1f-1ubuntu2.18",
"libssl1.1-dbgsym": "1.1.1f-1ubuntu2.18",
"libssl1.1-udeb": "1.1.1f-1ubuntu2.18",
"libssl1.1": "1.1.1f-1ubuntu2.18",
"openssl-dbgsym": "1.1.1f-1ubuntu2.18",
"libcrypto1.1-udeb": "1.1.1f-1ubuntu2.18",
"openssl": "1.1.1f-1ubuntu2.18"
}
]
}
Ubuntu:22.04:LTS / edk2
Package
- Name
- edk2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / nodejs
Package
- Name
- nodejs
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.9?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.2-0ubuntu1.9
Affected versions
1.*
1.1.1l-1ubuntu1
3.*
3.0.0-1ubuntu1
3.0.1-0ubuntu1
3.0.2-0ubuntu1
3.0.2-0ubuntu1.1
3.0.2-0ubuntu1.2
3.0.2-0ubuntu1.4
3.0.2-0ubuntu1.5
3.0.2-0ubuntu1.6
3.0.2-0ubuntu1.7
3.0.2-0ubuntu1.8
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "negligible",
"binaries": [
{
"libssl3": "3.0.2-0ubuntu1.9",
"libssl-dev": "3.0.2-0ubuntu1.9",
"openssl-dbgsym": "3.0.2-0ubuntu1.9",
"openssl": "3.0.2-0ubuntu1.9",
"libssl-doc": "3.0.2-0ubuntu1.9",
"libssl3-dbgsym": "3.0.2-0ubuntu1.9"
}
]
}
Ubuntu:24.04:LTS / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2023.11-5?arch=src?distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2023.11-5
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "negligible",
"binaries": [
{
"qemu-efi-riscv64": "2023.11-5",
"efi-shell-riscv64": "2023.11-5",
"efi-shell-arm": "2023.11-5",
"qemu-efi-arm": "2023.11-5",
"ovmf-ia32": "2023.11-5",
"efi-shell-ia32": "2023.11-5",
"qemu-efi-aarch64": "2023.11-5",
"efi-shell-x64": "2023.11-5",
"ovmf": "2023.11-5",
"efi-shell-aa64": "2023.11-5"
}
]
}