OpenSSL Toolkit 3.0.5 ≈ Packet Storm

OpenSSL Toolkit 3.0.5^[6]: Site openssl.org ^[7]; OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.; Changes: The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. An AES OCB mode issue was also addressed.; systems | unix ^[8]; advisories | CVE-2022-2097 ^[9], CVE-2022-2274 ^[10]; SHA-256 | aa7d8d9bef71ad6525c55ba11e5f4397889ce49c2c9349dcea6d3e4f0b024a7a; Download ^[11] | Favorite ^[12] | View ^[13]