Synopsis
Issued | 2025-08-05 |
Severity | Medium |
Updated Packages | kusanagi-openssl |
Affected Products | KUSANAGI 9, Business Edition, Page Speed Technology, Security Edition |
Description
An update for kusanagi-openssl is now available.
Security fix(es):
- CVE-2024-12797: RFC7250 handshakes with unauthenticated servers don't abort as expected
- CVE-2024-13176: Timing side-channel in ECDSA signature computation
- CVE-2024-9143: Low-level invalid GF(2^m) parameters lead to OOB memory access
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE information may not yet be available on those websites.