Test ID:	1.3.6.1.4.1.25623.1.1.13.2024.199.01
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2024-199-01)
Summary:	The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2024-199-01 advisory.
Description:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2024-199-01 advisory. Vulnerability Insight: New openssl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/openssl-1.1.1za-i586-1_slack15.0.txz: Upgraded. Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that were only available to subscribers to OpenSSL's premium extended support. These patches were prepared by backporting commits from the OpenSSL-3.0 repo. The reported version number has been updated so that vulnerability scanners calm down. All of these issues were considered to be of low severity. Thanks to Ken Zalewski for the patches! For more information, see: [links moved to references] (* Security fix *) patches/packages/openssl-solibs-1.1.1za-i586-1_slack15.0.txz: Upgraded. +--------------------------+ Affected Software/OS: 'openssl' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5678 1.0.2zj git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 1.1.1x git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c 3.0.13 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 3.1.5 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 OpenSSL Advisory https://www.openssl.org/news/secadv/20231106.txt http://www.openwall.com/lists/oss-security/2024/03/11/1 Common Vulnerability Exposure (CVE) ID: CVE-2024-0727 https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c 3.2.1 git commit https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a https://www.openssl.org/news/secadv/20240125.txt Common Vulnerability Exposure (CVE) ID: CVE-2024-2511 1.1.1y git commit https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 3.0.14 git commit https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d 3.1.6 git commit https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce 3.2.2 git commit https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://www.openssl.org/news/secadv/20240408.txt http://www.openwall.com/lists/oss-security/2024/04/08/5 Common Vulnerability Exposure (CVE) ID: CVE-2024-4741 Common Vulnerability Exposure (CVE) ID: CVE-2024-5535
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.