UbuntuUpdates.org

Package "erlang-parsetools"

Name: erlang-parsetools

Description:

Erlang/OTP parsing tools

Latest version: 1:22.2.7+dfsg-1ubuntu0.2
Release: focal (20.04)
Level: security
Repository: main
Head package: erlang
Homepage: http://www.erlang.org/

Links


Download "erlang-parsetools"


Other versions of "erlang-parsetools" in Focal

Repository Area Version
base main 1:22.2.7+dfsg-1
updates main 1:22.2.7+dfsg-1ubuntu0.2

Changelog

Version: 1:22.2.7+dfsg-1ubuntu0.2 2023-05-08 10:07:14 UTC

  erlang (1:22.2.7+dfsg-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: SSL, TLS and DTLS client authentication bypass
    - d/p/CVE-2022-37026-1.patch: fix handling of unexpected
      messages. Based on upstream patch.
    - d/p/CVE-2022-37026-2.patch: correct guard check. Based on upstream
      patch.
    - CVE-2022-37026

 -- Alex Murray <email address hidden> Wed, 26 Apr 2023 11:07:20 +0200

CVE-2022-37026 In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification



About   -   Send Feedback to @ubuntu_updates