| Package | openssl1.0 |
|---|---|
| Version | 1.0.2u-1~deb9u10 (stretch) |
| Related CVEs | CVE-2023-5678 CVE-2024-0727 |
Multiple vulnerabilities were discovered in OpenSSL, the Secure Sockets Layer toolkit.
CVE-2023-5678
A denial of service could occur with excessively long X9.42 DH keys.
CVE-2024-0727
A denial of service could occur with a null field in a PKCS12 file.
For Debian 9 stretch, these problems have been fixed in version 1.0.2u-1~deb9u10.
We recommend that you upgrade your openssl1.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.