ELSA-2009-1335

ELSA-2009-1335 - openssl security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2009-09-08

Description


[0.9.8e-12]
- abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS

[0.9.8e-10]
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)
(#503685, #503688)

[0.9.8e-9]
- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379
(DTLS DoS problems) (#501253, #501254, #501572)

[0.9.8e-8]
- support multiple CRLs with same subject in a store (#457134)
- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)
- seed FIPS rng directly from kernel random device
- do not require fipscheck to build the package (#475798)
- call pairwise key tests in FIPS mode only (#479817)
- do not crash when parsing bad mime data (#472440)


Related CVEs


CVE-2009-0590
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
CVE-2009-1386
CVE-2009-1387
CVE-2006-7250

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) openssl-0.9.8e-12.el5.src.rpm643716e69134d98d1bd021c0449cee03ELEA-2017-1391
openssl-0.9.8e-12.el5.i386.rpm80748b8bfcee509099fb49e9560868d1ELEA-2017-1391
openssl-0.9.8e-12.el5.i686.rpm927a00b4b69e90de0974c4d0290996e8ELEA-2017-1391
openssl-devel-0.9.8e-12.el5.i386.rpm9a86c50a728e9cea8ae0e1c61493e2b3ELEA-2017-1391
openssl-perl-0.9.8e-12.el5.i386.rpm104677351fb85ad2e3f67571fd9caacdELEA-2017-1391
Oracle Linux 5 (ia64) openssl-0.9.8e-12.el5.src.rpm643716e69134d98d1bd021c0449cee03ELEA-2017-1391
openssl-0.9.8e-12.el5.i686.rpm927a00b4b69e90de0974c4d0290996e8ELEA-2017-1391
openssl-0.9.8e-12.el5.ia64.rpm99bf394bedc44b5c2f02d38dcafe1ec6ELEA-2017-1391
openssl-devel-0.9.8e-12.el5.ia64.rpm98e80e89f6e9944b51666b5700cdc424ELEA-2017-1391
openssl-perl-0.9.8e-12.el5.ia64.rpmef0f291d4f329212a3add4d89baa2440ELEA-2017-1391
Oracle Linux 5 (x86_64) openssl-0.9.8e-12.el5.src.rpm643716e69134d98d1bd021c0449cee03ELEA-2017-1391
openssl-0.9.8e-12.el5.i686.rpm927a00b4b69e90de0974c4d0290996e8ELEA-2017-1391
openssl-0.9.8e-12.el5.x86_64.rpmaa70f6cfe22fa89a3451de155b53d23cELEA-2017-1391
openssl-devel-0.9.8e-12.el5.i386.rpm9a86c50a728e9cea8ae0e1c61493e2b3ELEA-2017-1391
openssl-devel-0.9.8e-12.el5.x86_64.rpm9bc4c07dbcb5febc7793b574f88d396dELEA-2017-1391
openssl-perl-0.9.8e-12.el5.x86_64.rpmebf8dbf62dfeed20a35499873947341cELEA-2017-1391



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete