Stay Connected:

ELSA-2010-0162

ELSA-2010-0162 - openssl security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2010-03-25

Description



[0.9.8e-12.6]
- fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)

[0.9.8e-12.5]
- fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which
in the RHEL-5 and newer versions will crash in such case (#569774)

[0.9.8e-12.4]
- do not disable SSLv2 in the renegotiation patch - SSLv2 does
not support renegotiation
- allow unsafe renegotiation on clients with SSL_OP_LEGACY_SERVER_CONNECT

[0.9.8e-12.3]
- mention the RFC5746 in the CVE-2009-3555 doc

[0.9.8e-12.2]
- fix CVE-2009-3555 - support the safe renegotiation extension and
do not allow legacy renegotiation on the server by default (#533125)


Related CVEs


CVE-2010-0433
CVE-2009-3245
CVE-2009-3555

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u4_i386_patch
openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u5_i386_base
openssl-0.9.8e-12.el5_4.6.i386.rpm6ad5ca332480c178f6bdcd12309bc362e14875207beba3be5885b33cbbc67e4fELEA-2017-1391el5_u4_i386_patch
openssl-0.9.8e-12.el5_4.6.i386.rpm6ad5ca332480c178f6bdcd12309bc362e14875207beba3be5885b33cbbc67e4fELEA-2017-1391el5_u5_i386_base
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u4_i386_patch
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u5_i386_base
openssl-devel-0.9.8e-12.el5_4.6.i386.rpm2dca5213115603430029730d317e391ab8a49602c9b7a8030ac634c2f510dbd7ELEA-2017-1391el5_u4_i386_patch
openssl-devel-0.9.8e-12.el5_4.6.i386.rpm2dca5213115603430029730d317e391ab8a49602c9b7a8030ac634c2f510dbd7ELEA-2017-1391el5_u5_i386_base
openssl-perl-0.9.8e-12.el5_4.6.i386.rpmc771594f0a424236963af0a6e94f8d34a4694932707af0200ad3c8da32ae91dbELEA-2017-1391el5_u4_i386_patch
openssl-perl-0.9.8e-12.el5_4.6.i386.rpmc771594f0a424236963af0a6e94f8d34a4694932707af0200ad3c8da32ae91dbELEA-2017-1391el5_u5_i386_base
Oracle Linux 5 (ia64) openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u4_ia64_patch
openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u5_ia64_base
openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391ol5_ia64_latest
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u4_ia64_patch
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u5_ia64_base
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391ol5_ia64_latest
openssl-0.9.8e-12.el5_4.6.ia64.rpmbe01d578fa316865b4fc00ad9b0038d5e71d1557f8cab1f91d59c52943065ac3ELEA-2017-1391el5_u4_ia64_patch
openssl-0.9.8e-12.el5_4.6.ia64.rpmbe01d578fa316865b4fc00ad9b0038d5e71d1557f8cab1f91d59c52943065ac3ELEA-2017-1391el5_u5_ia64_base
openssl-0.9.8e-12.el5_4.6.ia64.rpmbe01d578fa316865b4fc00ad9b0038d5e71d1557f8cab1f91d59c52943065ac3ELEA-2017-1391ol5_ia64_latest
openssl-devel-0.9.8e-12.el5_4.6.ia64.rpm356ccf66184f9b19d89d258b61d9296a722c4e2a4fdaaccb69f49b35bfe6ce35ELEA-2017-1391el5_u4_ia64_patch
openssl-devel-0.9.8e-12.el5_4.6.ia64.rpm356ccf66184f9b19d89d258b61d9296a722c4e2a4fdaaccb69f49b35bfe6ce35ELEA-2017-1391el5_u5_ia64_base
openssl-devel-0.9.8e-12.el5_4.6.ia64.rpm356ccf66184f9b19d89d258b61d9296a722c4e2a4fdaaccb69f49b35bfe6ce35ELEA-2017-1391ol5_ia64_latest
openssl-perl-0.9.8e-12.el5_4.6.ia64.rpm83a504f10c3e4653babe22a10c2d04828e3083e01e221f9e05971ff8b122a4baELEA-2017-1391el5_u4_ia64_patch
openssl-perl-0.9.8e-12.el5_4.6.ia64.rpm83a504f10c3e4653babe22a10c2d04828e3083e01e221f9e05971ff8b122a4baELEA-2017-1391el5_u5_ia64_base
openssl-perl-0.9.8e-12.el5_4.6.ia64.rpm83a504f10c3e4653babe22a10c2d04828e3083e01e221f9e05971ff8b122a4baELEA-2017-1391ol5_ia64_latest
Oracle Linux 5 (x86_64) openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u4_x86_64_patch
openssl-0.9.8e-12.el5_4.6.src.rpm5c72bca259484649973db46a7c2e27eaa887f0d520aa09c1c93cde7e3b182c74ELEA-2017-1391el5_u5_x86_64_base
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u4_x86_64_patch
openssl-0.9.8e-12.el5_4.6.i686.rpmc91299ca920e7105545b0cec8efaaecf7605ab0883054ef7f3bfe81b6b9a6753ELEA-2017-1391el5_u5_x86_64_base
openssl-0.9.8e-12.el5_4.6.x86_64.rpm4818a54ea2964127aee667ce86cc4f4172fa11542f6ab74edbd11e8ae9476a36ELEA-2017-1391el5_u4_x86_64_patch
openssl-0.9.8e-12.el5_4.6.x86_64.rpm4818a54ea2964127aee667ce86cc4f4172fa11542f6ab74edbd11e8ae9476a36ELEA-2017-1391el5_u5_x86_64_base
openssl-devel-0.9.8e-12.el5_4.6.i386.rpm2dca5213115603430029730d317e391ab8a49602c9b7a8030ac634c2f510dbd7ELEA-2017-1391el5_u4_x86_64_patch
openssl-devel-0.9.8e-12.el5_4.6.i386.rpm2dca5213115603430029730d317e391ab8a49602c9b7a8030ac634c2f510dbd7ELEA-2017-1391el5_u5_x86_64_base
openssl-devel-0.9.8e-12.el5_4.6.x86_64.rpm7634409f4a5d94469263ca1dd904847178872a9874c4403ad112a51e6225803fELEA-2017-1391el5_u4_x86_64_patch
openssl-devel-0.9.8e-12.el5_4.6.x86_64.rpm7634409f4a5d94469263ca1dd904847178872a9874c4403ad112a51e6225803fELEA-2017-1391el5_u5_x86_64_base
openssl-perl-0.9.8e-12.el5_4.6.x86_64.rpm2207ec9b068cbac6f9ad6f4b4f2466264b6a335ca13df62ceea7b7e9968645b0ELEA-2017-1391el5_u4_x86_64_patch
openssl-perl-0.9.8e-12.el5_4.6.x86_64.rpm2207ec9b068cbac6f9ad6f4b4f2466264b6a335ca13df62ceea7b7e9968645b0ELEA-2017-1391el5_u5_x86_64_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights