{"id":"USN-6663-2","summary":"openssl update","details":"USN-6663-1 provided a security update for OpenSSL.\nThis update provides the corresponding update for\nUbuntu 16.04 LTS.\n\nOriginal advisory details:\n\n As a security improvement, this update prevents OpenSSL\n from returning an error when detecting wrong padding\n in PKCS#1 v1.5 RSA, to prevent its use in possible\n Bleichenbacher timing attacks.\n","modified":"2026-04-22T10:59:22.662785Z","published":"2024-03-13T08:04:31Z","related":["UBUNTU-CVE-2024-2408"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6663-2"},{"type":"REPORT","url":"https://launchpad.net/bugs/2054090"}],"affected":[{"package":{"name":"openssl","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm12?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2g-1ubuntu4.20+esm12"}]}],"versions":["1.0.2d-0ubuntu1","1.0.2d-0ubuntu2","1.0.2e-1ubuntu1","1.0.2f-2ubuntu1","1.0.2g-1ubuntu2","1.0.2g-1ubuntu3","1.0.2g-1ubuntu4","1.0.2g-1ubuntu4.1","1.0.2g-1ubuntu4.2","1.0.2g-1ubuntu4.4","1.0.2g-1ubuntu4.5","1.0.2g-1ubuntu4.6","1.0.2g-1ubuntu4.8","1.0.2g-1ubuntu4.9","1.0.2g-1ubuntu4.10","1.0.2g-1ubuntu4.11","1.0.2g-1ubuntu4.12","1.0.2g-1ubuntu4.13","1.0.2g-1ubuntu4.14","1.0.2g-1ubuntu4.15","1.0.2g-1ubuntu4.16","1.0.2g-1ubuntu4.17","1.0.2g-1ubuntu4.18","1.0.2g-1ubuntu4.19","1.0.2g-1ubuntu4.20","1.0.2g-1ubuntu4.20+esm1","1.0.2g-1ubuntu4.20+esm2","1.0.2g-1ubuntu4.20+esm3","1.0.2g-1ubuntu4.20+esm4","1.0.2g-1ubuntu4.20+esm5","1.0.2g-1ubuntu4.20+esm6","1.0.2g-1ubuntu4.20+esm7","1.0.2g-1ubuntu4.20+esm9","1.0.2g-1ubuntu4.20+esm10","1.0.2g-1ubuntu4.20+esm11"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"libssl1.0.0","binary_version":"1.0.2g-1ubuntu4.20+esm12"},{"binary_name":"openssl","binary_version":"1.0.2g-1ubuntu4.20+esm12"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6663-2.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[]}}}],"schema_version":"1.7.5"}