ELSA-2015-0066

ELSA-2015-0066 - openssl security update

Type:SECURITY
Severity:MODERATE
Release Date:2015-01-20

Description


[1.0.1e-34.7]
- fix CVE-2014-3570 - incorrect computation in BN_sqr()
- fix CVE-2014-3571 - possible crash in dtls1_get_record()
- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state
- fix CVE-2014-8275 - various certificate fingerprint issues
- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
ciphersuites and on server
- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate
- fix CVE-2015-0206 - possible memory leak when buffering DTLS records


Related CVEs


CVE-2014-3570
CVE-2014-3571
CVE-2014-3572
CVE-2014-8275
CVE-2015-0204
CVE-2015-0205
CVE-2015-0206

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) openssl-1.0.1e-30.el6_6.5.src.rpm2387eaacbb88e58810103a5911af2f02ELSA-2021-9150
openssl-1.0.1e-30.el6_6.5.i686.rpm4822f7927a188ee4797269b7748b8aa0ELSA-2021-9150
openssl-devel-1.0.1e-30.el6_6.5.i686.rpmb50518bac62613a9c37d39e5a55bdf9eELSA-2021-9150
openssl-perl-1.0.1e-30.el6_6.5.i686.rpma0bf67561414a94591cdbfa436209254ELSA-2021-9150
openssl-static-1.0.1e-30.el6_6.5.i686.rpmce9dd3ca7a07da0c35fcc0ed114d1052ELSA-2021-9150
Oracle Linux 6 (x86_64) openssl-1.0.1e-30.el6_6.5.src.rpm2387eaacbb88e58810103a5911af2f02ELSA-2021-9150
openssl-1.0.1e-30.el6_6.5.i686.rpm4822f7927a188ee4797269b7748b8aa0ELSA-2021-9150
openssl-1.0.1e-30.el6_6.5.x86_64.rpmb576660b72d4a448d29398b429ea5410ELSA-2021-9150
openssl-devel-1.0.1e-30.el6_6.5.i686.rpmb50518bac62613a9c37d39e5a55bdf9eELSA-2021-9150
openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm96666783c92d18ffe86b20ff088730acELSA-2021-9150
openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpmdafc42a486121c44389aaac3cf7d405eELSA-2021-9150
openssl-static-1.0.1e-30.el6_6.5.x86_64.rpme3ad217d870a9dd7dd071f96cc5bdf44ELSA-2021-9150
Oracle Linux 7 (x86_64) openssl-1.0.1e-34.el7_0.7.src.rpm7277919b6241cd800ee4ebf33af61951ELSA-2017-3518
openssl-1.0.1e-34.el7_0.7.x86_64.rpmf698a872fcb1e1d806a80d2ce64d3eceELSA-2017-3518
openssl-devel-1.0.1e-34.el7_0.7.i686.rpmc841c9f1945844bbee43f77d3a7a9745ELSA-2017-3518
openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpmd25f8bb2b1c9217b319fa06c6b3f3e0fELSA-2017-3518
openssl-libs-1.0.1e-34.el7_0.7.i686.rpmc29a9654c1baf59dc0c9f613c7f23685ELSA-2017-3518
openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm1599bb51a78e464ee8cc9058a526c282ELSA-2017-3518
openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpma22b30b3bbc77688724c4e9042ea69c3ELSA-2017-3518
openssl-static-1.0.1e-34.el7_0.7.i686.rpmfc790ed25cd3273affe1d51fd0c2c376ELSA-2017-3518
openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm7a035b612ddc5263017807f3d8054316ELSA-2017-3518



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete