FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- potential loss of confidentiality

Affected packages
openssl < 3.0.12,1
openssl31 < 3.1.4
openssl-quictls < 3.0.12

Details

VuXML ID 4a4712ae-7299-11ee-85eb-84a93843eb75
Discovery 2023-10-24
Entry 2023-10-24

The OpenSSL team reports:

Moderate severity: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.

[source]

References

CVE Name CVE-2023-5363
URL https://www.openssl.org/news/secadv/20231024.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.