Aaron Grattafiori

**Name of the Vulnerable Software and Affected Versions** OpenSSL (affected versions not specified) **Description** A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the `status request` extension. This triggers a double-free in the client's certificate verification path when the stapled response is checked. A double-free occurs when a program attempts to free the same memory location twice, which can corrupt heap memory. This may lead to a Denial of Service, attacker-controlled code execution, or other undefined behavior. OCSP stapling is not enabled by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling OCSP stapling to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** yelp versions after 2.19.90 and before 2.24 yelp versions prior to 2.22.1-r2 **Description** The issue allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line. This can be demonstrated by the use of yelp within man or ghelp URI handlers in various programs, including Firefox and Evolution. The vulnerability may lead to a violation of confidentiality, integrity, and availability of protected information and can be exploited remotely. **Recommendations** For yelp versions after 2.19.90 and before 2.24, update to a version 2.24 or later. For yelp versions prior to 2.22.1-r2, update to version 2.22.1-r2 or later. As a temporary workaround, consider restricting the use of yelp within URI handlers until a patch is available.