ELA-966-1 openssl1.0 security update

excessively long key or parameter checks

2023-09-26
Package openssl1.0
Version 1.0.2u-1~deb9u9 (stretch)
Related CVEs CVE-2023-3446 CVE-2023-3817


Two issues have been discovered in openssl, a Secure Sockets Layer toolkit. Checking excessively long DH keys or parameters can be very slow, causing significant delays in applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions. Where the keys or parameters are obtained from untrusted sources, this may lead to a Denial of Service attack.
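The delay described above comes from running the full checks on parameters of unbounded size. The following added example (not part of this advisory and not OpenSSL code) shows a size gate an application could apply to untrusted PKCS#3 DH parameters in DER form before passing them to the checking functions. The function names and the 10,000-bit limit are assumptions chosen for illustration, and the sample parameters are constructed.

```python
# Added example: size gate for untrusted PKCS#3 DH parameters (DER encoded).
MAX_MODULUS_BITS = 10_000  # assumed policy limit, not taken from the advisory

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form length, at most 4 bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length exceeds input")
    return tag, pos, pos + length

def dh_modulus_bits(der):
    """Bit length of p in DHParameter ::= SEQUENCE { p INTEGER, g INTEGER, ... }."""
    tag, start, end = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, p_start, p_end = _read_tlv(der, start)
    if tag != 0x02 or p_end > end:
        raise ValueError("expected INTEGER p inside the SEQUENCE")
    return int.from_bytes(der[p_start:p_end], "big").bit_length()

def accept_dh_params(der, max_bits=MAX_MODULUS_BITS):
    """True only if the modulus is small enough to hand to the full check."""
    try:
        return 0 < dh_modulus_bits(der) <= max_bits
    except ValueError:
        return False                      # malformed input is rejected outright

def _der(tag, body):
    # Encode one TLV; used only to build the constructed samples below.
    n = len(body)
    k = (n.bit_length() + 7) // 8
    hdr = bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + hdr + body

def make_params(bits):
    """Constructed sample: p = 2**(bits-1) + 1 (not a real DH prime), g = 2."""
    p = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    return _der(0x30, _der(0x02, p) + _der(0x02, b"\x02"))
```

The gate only bounds the work done on hostile input; it complements the fixed package and does not replace it.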



For Debian 9 stretch, these problems have been fixed in version 1.0.2u-1~deb9u9.

We recommend that you upgrade your openssl1.0 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.