ELSA-2016-3558

ELSA-2016-3558 - openssl security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-05-13

Description


[1.0.1e-48.1]
- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf


Related CVEs


CVE-2016-0799
CVE-2016-2105
CVE-2016-2107
CVE-2016-2842
CVE-2016-2106
CVE-2016-2108
CVE-2016-2109

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) openssl-1.0.1e-48.ksplice1.el6_8.1.src.rpm8776625ab481804bbd606a6098c636feELSA-2021-9150
openssl-1.0.1e-48.ksplice1.el6_8.1.i686.rpm0a4b7be64241df2938241784bd825c3fELSA-2021-9150
openssl-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm2739dd9bd4cf6ab29d837b9ae55dde04ELSA-2021-9150
openssl-devel-1.0.1e-48.ksplice1.el6_8.1.i686.rpmd9a182c45878f463f54e4aa5e3fc298cELSA-2021-9150
openssl-devel-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm912f3fef763b3cef14de383d46370f0cELSA-2021-9150
openssl-perl-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm2556c60ace9320104df59e73ed88cdd0ELSA-2021-9150
openssl-static-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm6aee3e74d2c0c1339003f149ec5f091eELSA-2021-9150



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete