ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2022.076.02
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2022-076-02)
Resumen:	The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2022-076-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2022-076-02 advisory. Vulnerability Insight: New openssl packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/openssl-1.1.1n-i586-1_slack15.0.txz: Upgraded. This update fixes a high severity security issue: The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. For more information, see: [links moved to references] (* Security fix *) patches/packages/openssl-solibs-1.1.1n-i586-1_slack15.0.txz: Upgraded. +--------------------------+ Affected Software/OS: 'openssl' package(s) on Slackware 14.2, Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0778 https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002 https://security.netapp.com/advisory/ntap-20220321-0002/ https://security.netapp.com/advisory/ntap-20220429-0005/ https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www.openssl.org/news/secadv/20220315.txt https://www.tenable.com/security/tns-2022-06 https://www.tenable.com/security/tns-2022-07 https://www.tenable.com/security/tns-2022-08 https://www.tenable.com/security/tns-2022-09 Debian Security Information: DSA-5103 (Google Search) https://www.debian.org/security/2022/dsa-5103 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/ http://seclists.org/fulldisclosure/2022/May/38 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/33 https://security.gentoo.org/glsa/202210-02 http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.