[Git][security-tracker-team/security-tracker][master] Add new issues in openssl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 9 19:41:33 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1dd1f902 by Salvatore Bonaccorso at 2026-06-09T20:41:05+02:00
Add new issues in openssl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,74 @@
+CVE-2026-45446 [Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42771 [Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()]
+ - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42770 [FFC-DH Peer Validation Uses Attacker-Supplied q]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42769 [Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate]
+ - openssl <unfixed>
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42768 [Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()]
+ - openssl <unfixed>
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42767 [NULL Pointer Dereference in CRMF EncryptedValue Decryption]
+ - openssl <unfixed>
+ [bookworm] - openssl <no-dsa> (Minor issue; can be fixed in next update)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42766 [Possible NULL Dereference in Password-Based CMS Decryption]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42765 [NULL Dereference in Certificate Verification with OCSP Checking]
+ - openssl <unfixed>
+ [trixie] - openssl <not-affected> (Vulnerable code not present)
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-34181 [PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys]
+ - openssl <unfixed>
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-34180 [Heap Buffer Over-read in ASN.1 Content Parsing]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-9076 [Out-of-Bounds Read in CMS Password-Based Decryption]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-7383 [Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-45445 [AES-OCB IV Ignored on EVP_Cipher() Path]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-42764 [NULL Pointer Dereference in QUIC Server Initial Packet Handling]
+ - openssl <unfixed>
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-35188 [Double-free When Checking OCSP Stapled Response]
+ - openssl <unfixed>
+ [trixie] - openssl <not-affected> (Vulnerable code not present)
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-34183 [Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler]
+ - openssl <unfixed>
+ [bookworm] - openssl <not-affected> (Vulnerable code not present)
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-34182 [CMS AuthEnvelopedData Processing May Accept Forged Messages]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
+CVE-2026-45447 [Heap Use-After-Free in the PKCS7_verify() Function]
+ - openssl <unfixed>
+ NOTE: https://openssl-library.org/news/secadv/20260609.txt
CVE-2026-42488
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-494.html
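Review bot: The CVE-2026-42767 entry has a "[bookworm] - openssl <no-dsa>" line but no [bullseye] line, while every other entry in this hunk that annotates bookworm also annotates bullseye. As written, bullseye falls under the plain "- openssl <unfixed>" line. Please confirm that is intended, or add the matching [bullseye] line with its reason. Separately, the added block is not in one ID order: it descends from CVE-2026-45446 to CVE-2026-7383, restarts at CVE-2026-45445, and ends with CVE-2026-45447. If this file is meant to stay sorted by ID, the last six entries should be merged into the descending run. All eighteen entries also cite only the same advisory text in their NOTE line; a per-CVE NOTE pointing at the upstream fix would make the <not-affected> (Vulnerable code not present) decisions easier to check later.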
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dd1f90278d0b7c43e6822bd45df72b18c1d5521