CLD-685 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2019-1559 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) openssl
Deficiency Type SECURITY
Date Created 2019-04-09 11:50:43
Date Last Modified 2019-04-09 11:58:16

Version Specific Information:

Cucumber 1.1 i686 fixed in openssl-1.0.2r-i686-1
Cucumber 1.1 x86_64 fixed in openssl-1.0.2r-x86_64-1 and openssl-lib_i686-1.0.2r-lib_i686-1


This is a security vulnerability that allowed for a padding oracle to be used
to decrypt data if an application called SSL_shutdown() twice after an error
occurred. This affects 1.0.2-1.0.2q; it was fixed in 1.0.2r. For more
information see: