Stay Connected:

ELSA-2009-1335

ELSA-2009-1335 - openssl security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2009-09-08

Description


[0.9.8e-12]
- abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS

[0.9.8e-10]
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)
(#503685, #503688)

[0.9.8e-9]
- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379
(DTLS DoS problems) (#501253, #501254, #501572)

[0.9.8e-8]
- support multiple CRLs with same subject in a store (#457134)
- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)
- seed FIPS rng directly from kernel random device
- do not require fipscheck to build the package (#475798)
- call pairwise key tests in FIPS mode only (#479817)
- do not crash when parsing bad mime data (#472440)


Related CVEs


CVE-2009-1386
CVE-2009-1378
CVE-2009-1387
CVE-2009-0590
CVE-2009-1377
CVE-2009-1379
CVE-2006-7250

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) openssl-0.9.8e-12.el5.src.rpm915d665c33ab8aaf5170a6868430df6e5cacb798274a69db7deef97e7c096ffdELEA-2017-1391el5_u4_i386_base
openssl-0.9.8e-12.el5.i386.rpm6fadd24fde87aa44db831701a8837913c55c53b5f269d66d65d6f6d6e7187bd5ELEA-2017-1391el5_u4_i386_base
openssl-0.9.8e-12.el5.i686.rpm38e1650349eeb7835b94923fdb65de5f7b406883d262cd8f9a629e9911bbd82fELEA-2017-1391el5_u4_i386_base
openssl-devel-0.9.8e-12.el5.i386.rpmd6314080bca756dd3e9062cfbcfc90a8b81c49d5a36118b84ab3d2b205778cd0ELEA-2017-1391el5_u4_i386_base
openssl-perl-0.9.8e-12.el5.i386.rpm70f93265f0fa8b409f0b0b3aa61603ef47bc3d00279e7869c85e2a0c2a4cc8a2ELEA-2017-1391el5_u4_i386_base
Oracle Linux 5 (ia64) openssl-0.9.8e-12.el5.src.rpm915d665c33ab8aaf5170a6868430df6e5cacb798274a69db7deef97e7c096ffdELEA-2017-1391el5_u4_ia64_base
openssl-0.9.8e-12.el5.i686.rpm38e1650349eeb7835b94923fdb65de5f7b406883d262cd8f9a629e9911bbd82fELEA-2017-1391el5_u4_ia64_base
openssl-0.9.8e-12.el5.ia64.rpm5e347deaa357f4f6f21e40f3b79f94e4e3a1d48c2d21693682b9eeb6f9513078ELEA-2017-1391el5_u4_ia64_base
openssl-devel-0.9.8e-12.el5.ia64.rpm2c930b97885f42ffed923f5e332d461289284b01f86fd9714db31ff42ebffe0cELEA-2017-1391el5_u4_ia64_base
openssl-perl-0.9.8e-12.el5.ia64.rpmbe8b887668fb73d378273efa2c58879c2081ce2b01a2f481280c6f5a4be8257eELEA-2017-1391el5_u4_ia64_base
Oracle Linux 5 (x86_64) openssl-0.9.8e-12.el5.src.rpm915d665c33ab8aaf5170a6868430df6e5cacb798274a69db7deef97e7c096ffdELEA-2017-1391el5_u4_x86_64_base
openssl-0.9.8e-12.el5.i686.rpm38e1650349eeb7835b94923fdb65de5f7b406883d262cd8f9a629e9911bbd82fELEA-2017-1391el5_u4_x86_64_base
openssl-0.9.8e-12.el5.x86_64.rpm19c46f284304edd3abcf03491e3ee53931ab714e0ee740253e4cd132124c3f9aELEA-2017-1391el5_u4_x86_64_base
openssl-devel-0.9.8e-12.el5.i386.rpmd6314080bca756dd3e9062cfbcfc90a8b81c49d5a36118b84ab3d2b205778cd0ELEA-2017-1391el5_u4_x86_64_base
openssl-devel-0.9.8e-12.el5.x86_64.rpm92a7c9d4280b36da18c91d25a0730244ca3ce5685a49ae219eb5f29f5fd55da2ELEA-2017-1391el5_u4_x86_64_base
openssl-perl-0.9.8e-12.el5.x86_64.rpmb1be3973ef91bf1d0182a086bb4c52dd4731b95f49dd5dce2220299ef646d995ELEA-2017-1391el5_u4_x86_64_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights