ELSA-2007-1003

ULN >
Oracle Linux Errata repository >
ELSA-2007-1003

ELSA-2007-1003 - openssl security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2007-11-27

Description

[0.9.7a-43.17.1]
- CVE-2007-5135 off by one buffer overflow in SSL_get_shared_ciphers (#309851)

[0.9.7a-43.17]
- use poll when reading random device (#236164)
- make ssl session ID context matching strict (#244436)
- openssl utility shouldnt crash on invalid PKCS#12 files (#245083)
- CVE-2007-3108 remove conditionals in BN_div, BN_mod and final
Montgomery reduction (#250580)

Related CVEs

CVE-2007-3108

CVE-2007-5135

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 4 (i386)	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_i386_latest
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u6_i386_base
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u7_i386_base
	openssl-0.9.7a-43.17.el4_6.1.i386.rpm	581802a56123782803bb60b33caaa1f0f795d7a5a3a85df27fd4881aa80751a7	ELSA-2012-0086	el4_i386_latest
	openssl-0.9.7a-43.17.el4_6.1.i386.rpm	581802a56123782803bb60b33caaa1f0f795d7a5a3a85df27fd4881aa80751a7	ELSA-2012-0086	el4_u6_i386_base
	openssl-0.9.7a-43.17.el4_6.1.i386.rpm	581802a56123782803bb60b33caaa1f0f795d7a5a3a85df27fd4881aa80751a7	ELSA-2012-0086	el4_u7_i386_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_i386_latest
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u6_i386_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u7_i386_base
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_i386_latest
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_u6_i386_base
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_u7_i386_base
	openssl-perl-0.9.7a-43.17.el4_6.1.i386.rpm	f4c005bee0acb0bf0ddffd5f44b48681510eb297965bbf8332714f22e0530cbb	ELSA-2012-0086	el4_i386_latest
	openssl-perl-0.9.7a-43.17.el4_6.1.i386.rpm	f4c005bee0acb0bf0ddffd5f44b48681510eb297965bbf8332714f22e0530cbb	ELSA-2012-0086	el4_u6_i386_base
	openssl-perl-0.9.7a-43.17.el4_6.1.i386.rpm	f4c005bee0acb0bf0ddffd5f44b48681510eb297965bbf8332714f22e0530cbb	ELSA-2012-0086	el4_u7_i386_base

Oracle Linux 4 (ia64)	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_ia64_latest
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u6_ia64_base
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u7_ia64_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_ia64_latest
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u6_ia64_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u7_ia64_base
	openssl-0.9.7a-43.17.el4_6.1.ia64.rpm	7cdada341043af0d4e2681f6855e3eeea79f3d40992fc75ba3e2b086fe0c5500	ELSA-2012-0086	el4_ia64_latest
	openssl-0.9.7a-43.17.el4_6.1.ia64.rpm	7cdada341043af0d4e2681f6855e3eeea79f3d40992fc75ba3e2b086fe0c5500	ELSA-2012-0086	el4_u6_ia64_base
	openssl-0.9.7a-43.17.el4_6.1.ia64.rpm	7cdada341043af0d4e2681f6855e3eeea79f3d40992fc75ba3e2b086fe0c5500	ELSA-2012-0086	el4_u7_ia64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.ia64.rpm	a8625304df440fa0880fa0fca289cd20ec77ddd7c2bc0482f8b6173c346d1d57	ELSA-2012-0086	el4_ia64_latest
	openssl-devel-0.9.7a-43.17.el4_6.1.ia64.rpm	a8625304df440fa0880fa0fca289cd20ec77ddd7c2bc0482f8b6173c346d1d57	ELSA-2012-0086	el4_u6_ia64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.ia64.rpm	a8625304df440fa0880fa0fca289cd20ec77ddd7c2bc0482f8b6173c346d1d57	ELSA-2012-0086	el4_u7_ia64_base
	openssl-perl-0.9.7a-43.17.el4_6.1.ia64.rpm	59c4bc2013df136280b962b602a42e97a162a90ea890400fb9cbf3c9ebe8caef	ELSA-2012-0086	el4_ia64_latest
	openssl-perl-0.9.7a-43.17.el4_6.1.ia64.rpm	59c4bc2013df136280b962b602a42e97a162a90ea890400fb9cbf3c9ebe8caef	ELSA-2012-0086	el4_u6_ia64_base
	openssl-perl-0.9.7a-43.17.el4_6.1.ia64.rpm	59c4bc2013df136280b962b602a42e97a162a90ea890400fb9cbf3c9ebe8caef	ELSA-2012-0086	el4_u7_ia64_base

Oracle Linux 4 (x86_64)	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.src.rpm	56f15360d7f2b6f9b638581a78059a3e54c8c9f8575be1b4d1a3dbbd262d3428	ELSA-2012-0086	el4_x86_64_latest
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.i686.rpm	4544955a22925942e2e57cbe8da9b4d6e13ca7e37501fd858b75410098ff061f	ELSA-2012-0086	el4_x86_64_latest
	openssl-0.9.7a-43.17.el4_6.1.x86_64.rpm	627d602bac78a795e5a70c028a1963c2a7c0c6fb8ee1021f0a52033a4a8b8695	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.x86_64.rpm	627d602bac78a795e5a70c028a1963c2a7c0c6fb8ee1021f0a52033a4a8b8695	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-0.9.7a-43.17.el4_6.1.x86_64.rpm	627d602bac78a795e5a70c028a1963c2a7c0c6fb8ee1021f0a52033a4a8b8695	ELSA-2012-0086	el4_x86_64_latest
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm	d8226e0e3ef07a1b3bb34fa3f38d679eb2539e0faab1756b087ba8180ed9f6a4	ELSA-2012-0086	el4_x86_64_latest
	openssl-devel-0.9.7a-43.17.el4_6.1.x86_64.rpm	041efaac3f6e4e7f78ea20f93a8aeb4221e6c7a3745b1470f0eaa977c0f9d5bb	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.x86_64.rpm	041efaac3f6e4e7f78ea20f93a8aeb4221e6c7a3745b1470f0eaa977c0f9d5bb	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-devel-0.9.7a-43.17.el4_6.1.x86_64.rpm	041efaac3f6e4e7f78ea20f93a8aeb4221e6c7a3745b1470f0eaa977c0f9d5bb	ELSA-2012-0086	el4_x86_64_latest
	openssl-perl-0.9.7a-43.17.el4_6.1.x86_64.rpm	899f5c07f510f8a2c233cdbd080a0ebd7222a5ef0ba266484ca9de9a794d55ba	ELSA-2012-0086	el4_u6_x86_64_base
	openssl-perl-0.9.7a-43.17.el4_6.1.x86_64.rpm	899f5c07f510f8a2c233cdbd080a0ebd7222a5ef0ba266484ca9de9a794d55ba	ELSA-2012-0086	el4_u7_x86_64_base
	openssl-perl-0.9.7a-43.17.el4_6.1.x86_64.rpm	899f5c07f510f8a2c233cdbd080a0ebd7222a5ef0ba266484ca9de9a794d55ba	ELSA-2012-0086	el4_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691