ELBA-2017-3532

ELBA-2017-3532 - openssl bug fix update

Type:	BUG
Severity:	NA
Release Date:	2017-03-27

Description

[1.0.1e-57]
- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher

[1.0.1e-55]
- fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts

[1.0.1e-54]
- fix handling of ciphersuites present after the FALLBACK_SCSV
ciphersuite entry (#1386350)

[1.0.1e-53]
- add README.legacy-settings

[1.0.1e-52]
- deprecate and disable verification of insecure hash algorithms
- disallow DH keys with less than 1024 bits in TLS client
- remove support for weak and export ciphersuites
- use correct digest when exporting keying material in TLS1.2 (#1376741)

[1.0.1e-50]
- fix CVE-2016-2177 - possible integer overflow
- fix CVE-2016-2178 - non-constant time DSA operations
- fix CVE-2016-2179 - further DoS issues in DTLS
- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()
- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue
- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()
- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check
- fix CVE-2016-6304 - unbound memory growth with OCSP status request
- fix CVE-2016-6306 - certificate message OOB reads
- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to
112 bit effective strength
- replace expired testing certificates

[1.0.1e-49]
- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf

Updated Packages

Release/Architecture

Filename

MD5sum

Superseded By Advisory

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team