USN-6663-1: OpenSSL update
27 February 2024
Add implicit rejection in PKCS#1 v1.5 in OpenSSL.
Releases
Packages
- openssl - Secure Socket Layer (SSL) cryptographic library and tools
Details
As a security improvement, OpenSSL will now
return deterministic random bytes instead of an error
when detecting wrong padding in PKCS#1 v1.5 RSA
to prevent its use in possible Bleichenbacher timing attacks.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
-
libssl-doc
-
1.1.1-1ubuntu2.1~18.04.23+esm5
Available with Ubuntu Pro
-
libssl1.1
-
1.1.1-1ubuntu2.1~18.04.23+esm5
Available with Ubuntu Pro
-
openssl
-
1.1.1-1ubuntu2.1~18.04.23+esm5
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.