ELSA-2013-0587

ELSA-2013-0587 - openssl security update

Type:SECURITY
Severity:MODERATE
Release Date:2013-03-04

Description


[1.0.0-27.2]
- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)
- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)
- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB
environment variable is set (fixes CVE-2012-4929 #857051)
- use __secure_getenv() everywhere instead of getenv() (#839735)


Related CVEs


CVE-2013-0169
CVE-2012-4929
CVE-2013-0166

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) openssl-0.9.8e-26.el5_9.1.src.rpm29613f65efe2f5ee8e94bfa3f4d3e0fcELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.i386.rpm49093530a5ff5de53d7419adfbd84c75ELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.i686.rpmf330ea13cdc165bd713276960efe3f7dELEA-2017-1391
openssl-devel-0.9.8e-26.el5_9.1.i386.rpm1dfac10926ff368f2c5a2a3ad7015de1ELEA-2017-1391
openssl-perl-0.9.8e-26.el5_9.1.i386.rpm58044b7c0be628f73a5da4cab2d63a9cELEA-2017-1391
Oracle Linux 5 (ia64) openssl-0.9.8e-26.el5_9.1.src.rpm29613f65efe2f5ee8e94bfa3f4d3e0fcELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.i686.rpmf330ea13cdc165bd713276960efe3f7dELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.ia64.rpmeaa9ea4494d2179320ac21d6f079b7d7ELEA-2017-1391
openssl-devel-0.9.8e-26.el5_9.1.ia64.rpm52bcfc351aaa9d3fa89e9e8736334fa9ELEA-2017-1391
openssl-perl-0.9.8e-26.el5_9.1.ia64.rpm6b83c2d57e1cec87ad35d9b91531f35eELEA-2017-1391
Oracle Linux 5 (x86_64) openssl-0.9.8e-26.el5_9.1.src.rpm29613f65efe2f5ee8e94bfa3f4d3e0fcELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.i686.rpmf330ea13cdc165bd713276960efe3f7dELEA-2017-1391
openssl-0.9.8e-26.el5_9.1.x86_64.rpm05a1487051957ab2584cd6aaa7bc16ffELEA-2017-1391
openssl-devel-0.9.8e-26.el5_9.1.i386.rpm1dfac10926ff368f2c5a2a3ad7015de1ELEA-2017-1391
openssl-devel-0.9.8e-26.el5_9.1.x86_64.rpm17b9e92ca46421585854948ba6eef9e3ELEA-2017-1391
openssl-perl-0.9.8e-26.el5_9.1.x86_64.rpmeed4f706df649ae639a05c7d067cad8aELEA-2017-1391
Oracle Linux 6 (i386) openssl-1.0.0-27.el6_4.2.src.rpm053be4eb228a5743117cf97036d5913cELSA-2021-9150
openssl-1.0.0-27.el6_4.2.i686.rpma5395e6c63315e355c0f9e2ce5966ffeELSA-2021-9150
openssl-devel-1.0.0-27.el6_4.2.i686.rpm1c8b7cd9141375e7c7b770cee29be1a9ELSA-2021-9150
openssl-perl-1.0.0-27.el6_4.2.i686.rpmaf6fee8cdc83a0f56cb83d94e36bd1d7ELSA-2021-9150
openssl-static-1.0.0-27.el6_4.2.i686.rpm493589286e7a86438c5d0bd378c8bc8fELSA-2021-9150
Oracle Linux 6 (x86_64) openssl-1.0.0-27.el6_4.2.src.rpm053be4eb228a5743117cf97036d5913cELSA-2021-9150
openssl-1.0.0-27.el6_4.2.i686.rpma5395e6c63315e355c0f9e2ce5966ffeELSA-2021-9150
openssl-1.0.0-27.el6_4.2.x86_64.rpm67afb252d0bc490b21056b8d41a652beELSA-2021-9150
openssl-devel-1.0.0-27.el6_4.2.i686.rpm1c8b7cd9141375e7c7b770cee29be1a9ELSA-2021-9150
openssl-devel-1.0.0-27.el6_4.2.x86_64.rpm60a1c23b50713350e3ade970ebb124c3ELSA-2021-9150
openssl-perl-1.0.0-27.el6_4.2.x86_64.rpm771b18e4e0929704ea4970586cef1055ELSA-2021-9150
openssl-static-1.0.0-27.el6_4.2.x86_64.rpm227c6b5ac1ea49068f4fbcfa49beacc7ELSA-2021-9150



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete