Updated openssl packages fix security vulnerabilitiesPublication date: 08 Nov 2017
Affected Mageia releases : 5 , 6
CVE: CVE-2017-3735 , CVE-2017-3736
If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format (CVE-2017-3735). There is a carry propagating bug in the x86_64 Montgomery squaring procedure (CVE-2017-3736).