FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1a802ba9-f444-11e6-9940-b499baebfeaf	openssl -- crash on handshake The OpenSSL project reports: Severity: High During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers are affected. This issue does not affect OpenSSL version 1.0.2. Discovery 2017-02-16 Entry 2017-02-16 openssl-devel < 1.1.0e https://www.openssl.org/news/secadv/20170216.txt CVE-2017-3733

VuXML ID

Description

1a802ba9-f444-11e6-9940-b499baebfeaf

openssl -- crash on handshake

The OpenSSL project reports:

Severity: High

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers are affected.

This issue does not affect OpenSSL version 1.0.2.

Discovery 2017-02-16
Entry 2017-02-16
openssl-devel

< 1.1.0e

https://www.openssl.org/news/secadv/20170216.txt
CVE-2017-3733