[ubuntu/noble-security] erlang 1:25.3.2.8+dfsg-1ubuntu4.6 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jan 14 13:30:36 UTC 2026


erlang (1:25.3.2.8+dfsg-1ubuntu4.6) noble-security; urgency=medium

  * SECURITY UPDATE: SSL verification mishandling via extended key usage
    - debian/patches/CVE-2024-53846-1.patch: CA extended key usage check in
      lib/public_key/src/pubkey_cert.erl,
      lib/public_key/src/public_key.erl,
      lib/public_key/test/public_key_SUITE.erl.
    - debian/patches/CVE-2024-53846-2.patch: peer ext-keyusage extension
      should always be verified if present in lib/ssl/doc/src/ssl.xml,
      lib/ssl/src/ssl.erl, lib/ssl/src/ssl_certificate.erl,
      lib/ssl/src/ssl_handshake.erl, lib/ssl/src/ssl_internal.hrl,
      lib/ssl/src/tls_handshake_1_3.erl, lib/ssl/test/ssl_cert_SUITE.erl.
    - debian/patches/CVE-2024-53846-3.patch: adjust certificate key usage
      compatible check in lib/public_key/src/pubkey_cert.erl.
    - CVE-2024-53846

Date: 2026-01-13 23:51:18.307747+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+dfsg-1ubuntu4.6