Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#76140 - [openssl] CVE-2022-2068
Attached to Project:
Arch Linux
Opened by semper victus (rageltman) - Saturday, 08 October 2022, 10:49 GMT
Last edited by Toolybird (Toolybird) - Sunday, 09 October 2022, 03:37 GMT
Opened by semper victus (rageltman) - Saturday, 08 October 2022, 10:49 GMT
Last edited by Toolybird (Toolybird) - Sunday, 09 October 2022, 03:37 GMT
|
DetailsDescription: OpenSSL must be at least 1.1.1.o to provide remedy for CVE-2022-2068
Additional info: * package version(s): 1.1.1.q * link to upstream bug report: https://nvd.nist.gov/vuln/detail/CVE-2022-2068 * this CVE was published almost 1/4 of a year ago(!!!) 
CVE-2022-2068.png
(154.7 KiB)
|
This task depends upon
Closed by Toolybird (Toolybird)
Sunday, 09 October 2022, 03:37 GMT
Reason for closing: Fixed
Additional comments about closing: openssl 1.1.1.p-1
Sunday, 09 October 2022, 03:37 GMT
Reason for closing: Fixed
Additional comments about closing: openssl 1.1.1.p-1
[1] https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7
[1] https://security.archlinux.org/AVG-2765
[2] https://www.openssl.org/news/cl111.txt