Stay Connected:

ELSA-2007-1003

ELSA-2007-1003 - openssl security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2007-11-27

Description


[0.9.7a-43.17.1]
- CVE-2007-5135 off by one buffer overflow in SSL_get_shared_ciphers (#309851)

[0.9.7a-43.17]
- use poll when reading random device (#236164)
- make ssl session ID context matching strict (#244436)
- openssl utility shouldnt crash on invalid PKCS#12 files (#245083)
- CVE-2007-3108 remove conditionals in BN_div, BN_mod and final
Montgomery reduction (#250580)


Related CVEs


CVE-2007-3108
CVE-2007-5135

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 4 (i386) openssl-0.9.7a-43.17.el4_6.1.src.rpm75bbee5903a5184f0474150595e0299eELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.i386.rpmd1de4c0f52216bbb3569eadab0915a23ELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.i686.rpmeb60e0a707fd2071b324c769de3ee2c8ELSA-2012-0086
openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm1ef82599cfd397ea902fbc2ea00f1defELSA-2012-0086
openssl-perl-0.9.7a-43.17.el4_6.1.i386.rpm4ff75aee7208d37f11f44ef70b2cc0cfELSA-2012-0086
Oracle Linux 4 (ia64) openssl-0.9.7a-43.17.el4_6.1.src.rpm75bbee5903a5184f0474150595e0299eELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.i686.rpmeb60e0a707fd2071b324c769de3ee2c8ELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.ia64.rpmb705504ab274473e26d3c17b08ed02bbELSA-2012-0086
openssl-devel-0.9.7a-43.17.el4_6.1.ia64.rpm05a08da89a2329d4a8682b40845a2afaELSA-2012-0086
openssl-perl-0.9.7a-43.17.el4_6.1.ia64.rpm5fda16345d3eaaeb3dbe93334a162f2fELSA-2012-0086
Oracle Linux 4 (x86_64) openssl-0.9.7a-43.17.el4_6.1.src.rpm75bbee5903a5184f0474150595e0299eELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.i686.rpmeb60e0a707fd2071b324c769de3ee2c8ELSA-2012-0086
openssl-0.9.7a-43.17.el4_6.1.x86_64.rpmaa2e7b378400f1515da4d2797dae4ec5ELSA-2012-0086
openssl-devel-0.9.7a-43.17.el4_6.1.i386.rpm1ef82599cfd397ea902fbc2ea00f1defELSA-2012-0086
openssl-devel-0.9.7a-43.17.el4_6.1.x86_64.rpm4f5557f10bf98681772c565bcf61f003ELSA-2012-0086
openssl-perl-0.9.7a-43.17.el4_6.1.x86_64.rpmc4adaa98685ffc0f353e2d2df7ca3e8aELSA-2012-0086



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights