Bug 5380 - [Anolis OS 23] Bugfix for CVE-2023-2650
Summary: [Anolis OS 23] Bugfix for CVE-2023-2650
Status: RESOLVED INVALID
Alias: None
Product: Anolis OS 23
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: unspecified
Hardware: All Linux
: P3-Medium S3-normal
Target Milestone: ---
Assignee: xuchunmei
QA Contact: bolong_tbl
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2023-06-02 14:18 UTC by 小龙
Modified: 2023-06-03 09:22 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description 小龙 admin 2023-06-02 14:18:33 UTC 
Description:
OpenSSL的UAF,在转换ASN.1对象标识符时可能导致dos

Broken commit info:

Bugfix commit info:
Comment 1 扣肉 2023-06-03 09:22:44 UTC 
anolis 23 目前openssl 的版本是3.0.9,已经修复本CVE