git: 728ba9ca8ef8 - main - security/vuxml: Adapt OpenSSL vuln for openssl-quictls
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 24 Mar 2023 12:37:20 UTC
The branch main has been updated by brnrd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=728ba9ca8ef898510c0e486c660600c452fd69f1
commit 728ba9ca8ef898510c0e486c660600c452fd69f1
Author: Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2023-03-24 12:36:45 +0000
Commit: Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2023-03-24 12:36:45 +0000
security/vuxml: Adapt OpenSSL vuln for openssl-quictls
---
security/vuxml/vuln/2023.xml | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index d0b89ac86a40..7437974a99ed 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -15,7 +15,7 @@
</package>
<package>
<name>openssl-quic</name>
- <range><lt>3.1.0</lt></range>
+ <range><lt>3.0.8_1</lt></range>
</package>
</affects>
<description>
@@ -24,11 +24,11 @@
<blockquote cite="https://www.openssl.org/news/secadv/20230322.txt">
<p>Severity: Low</p>
<p>A security vulnerability has been identified in all supported versions
- of OpenSSL related to the verification of X.509 certificate chains
- that include policy constraints. Attackers may be able to exploit this
- vulnerability by creating a malicious certificate chain that triggers
- exponential use of computational resources, leading to a denial-of-service
- (DoS) attack on affected systems.</p>
+ of OpenSSL related to the verification of X.509 certificate chains
+ that include policy constraints. Attackers may be able to exploit this
+ vulnerability by creating a malicious certificate chain that triggers
+ exponential use of computational resources, leading to a denial-of-service
+ (DoS) attack on affected systems.</p>
</blockquote>
</body>
</description>
@@ -39,6 +39,7 @@
<dates>
<discovery>2023-03-23</discovery>
<entry>2023-03-24</entry>
+ <modified>2023-03-24</modified>
</dates>
</vuln>