CVE-2021-3601
Publication date 29 July 2022
Last updated 4 August 2025
Ubuntu priority
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| openssl | 22.04 LTS jammy |
Not affected
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| openssl1.0 | 22.04 LTS jammy | Not in release |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release |
Notes
mdeslaur
this affects 1.0.2 and earlier only as of 2019-06-18, upstream will not be fixing this, and no fix is available we will not be fixing this issue in Ubuntu, marking as ignored as of 2022-08-05, this CVE has now been rejected, so marking as not-affected