The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1. ...

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

Уязвимость функции tls_decrypt_ticket (ssl/t1_lib.c) библиотеки OpenSSL существует из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании

ELSA-2016-3621: openssl security update (IMPORTANT)

ELSA-2016-1940: openssl security update (IMPORTANT)

Security update for compat-openssl098

Security update for compat-openssl098

Security update for openssl

Security update for openssl

Security update for openssl1

Security update for openssl

Security update for openssl

Security update for openssl-steam

Security update for SLES 12 Docker image

Security update for SLES 12-SP1 Docker image