Mageia 8: MGASA-2022-0450 Critical: Erlang Client Authentication Bypass
mageia
December 7, 2022
In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and D...
Summary
In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before
25.0.2, there is a Client Authentication Bypass in certain
client-certification situations for SSL, TLS, and DTLS. (CVE-2022-37026)
References
- https://bugs.mageia.org/show_bug.cgi?id=31190
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/013107.html
-
- https://www.cve.org/CVERecord?id=CVE-2022-37026
Topics Covered
Resolution
SRPMS
- 8/core/erlang-23.2.1-3.2.mga8
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 06 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0450.html
Type: security
CVE: CVE-2022-37026
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!