#5367 closed enhancement (fixed)

openssl-3.1.4

Reported by: Bruce Dubbs Owned by: lfs-book
Priority: high Milestone: 12.1
Component: Website Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by Xi Ruoyao, 14 months ago

Priority: normalhigh
  • Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() with OSSL_PARAM parameters that alter the key or IV length ([CVE-2023-5363]).

comment:2 by Bruce Dubbs, 14 months ago

Resolution: fixed
Status: newclosed

Fixed at commit a5de784d.

comment:3 by Xi Ruoyao, 14 months ago

Component: BookWebsite
Resolution: fixed
Status: closedreopened

Reopen for a security advisory.

comment:4 by Bruce Dubbs, 14 months ago

Resolution: fixed
Status: reopenedclosed

Advisory published.

Note: See TracTickets for help on using tickets.