FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
425b9538-ce5f-11ed-ade3-d4c9ef517024OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports:

Severity: low

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks.

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.


Discovery 2023-03-28
Entry 2023-03-29
openssl
< 1.1.1t,1_2

openssl30
< 3.0.8_2

openssl31
< 3.1.0_2

openssl-quic
< 3.0.8_2

CVE-2023-0465
CVE-2023-0466
https://www.openssl.org/news/secadv/20230328.txt