ELSA-2015-0716

ULN >
Oracle Linux Errata repository >
ELSA-2015-0716

ELSA-2015-0716 - openssl security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2015-03-23

Description

[1.0.1e-42.4]
- update fix for CVE-2015-0287 to what was released upstream

[1.0.1e-42.3]
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

[1.0.1e-42.2]
- fix broken error detection when unwrapping unpadded key

[1.0.1e-42.1]
- fix the RFC 5649 for key material that does not need padding

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (x86_64)	openssl-1.0.1e-42.el7_1.4.src.rpm	6ac15e2c3ffb704aaca6cba9d798d78c	ELSA-2017-3518
	openssl-1.0.1e-42.el7_1.4.x86_64.rpm	560bfb20cb7673ce05f555ab1a7a81ac	ELSA-2017-3518
	openssl-devel-1.0.1e-42.el7_1.4.i686.rpm	f4406a56fb8706f70de90aabc99ecc59	ELSA-2017-3518
	openssl-devel-1.0.1e-42.el7_1.4.x86_64.rpm	f85b0ed09ec564d917dbfbefc80c35a4	ELSA-2017-3518
	openssl-libs-1.0.1e-42.el7_1.4.i686.rpm	02f6d5a09d0097d4b428f29591423054	ELSA-2017-3518
	openssl-libs-1.0.1e-42.el7_1.4.x86_64.rpm	3417847d9faa094db8d0fbc875f57731	ELSA-2017-3518
	openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm	18dfb68087d13051113e0a9373fd739e	ELSA-2017-3518
	openssl-static-1.0.1e-42.el7_1.4.i686.rpm	6fbe0ec8864601fa90efe72deb14eee1	ELSA-2017-3518
	openssl-static-1.0.1e-42.el7_1.4.x86_64.rpm	751b735bc12770727115fb268121ffba	ELSA-2017-3518

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691