Stay Connected:

ELSA-2011-0677

ELSA-2011-0677 - openssl security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2011-05-28

Description


[1.0.0-10]
- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)
- correct the README.FIPS document

[1.0.0-8]
- add -x931 parameter to openssl genrsa command to use the ANSI X9.31
key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
to allow using MD5 when the system is in the maintenance state
even if the /proc fips flag is on
- make openssl pkcs12 command work by default in the FIPS mode

[1.0.0-7]
- listen on ipv6 wildcard in s_server so we accept connections
from both ipv4 and ipv6 (#601612)
- fix openssl speed command so it can be used in the FIPS mode
with FIPS allowed ciphers (#619762)

[1.0.0-6]
- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864
(#649304)

[1.0.0-5]
- fix race in extension parsing code - CVE-2010-3864 (#649304)


Related CVEs


CVE-2011-0014

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 6 (i386) openssl-1.0.0-10.el6.src.rpm0e8844eca7d8db4d7c5845ea305644ffd4ab51c451db26edeb8c6047634043c9ELSA-2023-12326ol6_i386_latest_archive
openssl-1.0.0-10.el6.src.rpm0e8844eca7d8db4d7c5845ea305644ffd4ab51c451db26edeb8c6047634043c9ELSA-2023-12326ol6_u1_i386_base
openssl-1.0.0-10.el6.i686.rpm3ee66920cfc222f1eb1a2a52fd637f0d23ef7b1841e4239064cd319304120219ELSA-2023-12326ol6_i386_latest_archive
openssl-1.0.0-10.el6.i686.rpm3ee66920cfc222f1eb1a2a52fd637f0d23ef7b1841e4239064cd319304120219ELSA-2023-12326ol6_u1_i386_base
openssl-devel-1.0.0-10.el6.i686.rpmee9bab298e726d5f1f8059e01845dd385a443b5b812c96b5504da5302cf654bcELSA-2023-12326ol6_i386_latest_archive
openssl-devel-1.0.0-10.el6.i686.rpmee9bab298e726d5f1f8059e01845dd385a443b5b812c96b5504da5302cf654bcELSA-2023-12326ol6_u1_i386_base
openssl-perl-1.0.0-10.el6.i686.rpm5c40f28dee7fcee972907a8e40ea0711c837a631a8c9cb1de583a78f5a0b2d21ELSA-2023-12326ol6_i386_latest_archive
openssl-perl-1.0.0-10.el6.i686.rpm5c40f28dee7fcee972907a8e40ea0711c837a631a8c9cb1de583a78f5a0b2d21ELSA-2023-12326ol6_u1_i386_base
openssl-static-1.0.0-10.el6.i686.rpmc2d6b6ce799e2f086e870d8cc49af2a2a80515819798f91a1fc9a34131b1fbcaELSA-2023-12326ol6_i386_latest_archive
openssl-static-1.0.0-10.el6.i686.rpmc2d6b6ce799e2f086e870d8cc49af2a2a80515819798f91a1fc9a34131b1fbcaELSA-2023-12326ol6_u1_i386_base
Oracle Linux 6 (x86_64) openssl-1.0.0-10.el6.src.rpm0e8844eca7d8db4d7c5845ea305644ffd4ab51c451db26edeb8c6047634043c9ELSA-2023-12326ol6_u1_x86_64_base
openssl-1.0.0-10.el6.src.rpm0e8844eca7d8db4d7c5845ea305644ffd4ab51c451db26edeb8c6047634043c9ELSA-2023-12326ol6_x86_64_latest_archive
openssl-1.0.0-10.el6.i686.rpm3ee66920cfc222f1eb1a2a52fd637f0d23ef7b1841e4239064cd319304120219ELSA-2023-12326ol6_u1_x86_64_base
openssl-1.0.0-10.el6.i686.rpm3ee66920cfc222f1eb1a2a52fd637f0d23ef7b1841e4239064cd319304120219ELSA-2023-12326ol6_x86_64_latest_archive
openssl-1.0.0-10.el6.x86_64.rpmd3b51dfb32bf06c1da1d70794fa597b4a4ebf9cc4d639701db3a3e990b540303ELSA-2023-12326ol6_u1_x86_64_base
openssl-1.0.0-10.el6.x86_64.rpmd3b51dfb32bf06c1da1d70794fa597b4a4ebf9cc4d639701db3a3e990b540303ELSA-2023-12326ol6_x86_64_latest_archive
openssl-devel-1.0.0-10.el6.i686.rpmee9bab298e726d5f1f8059e01845dd385a443b5b812c96b5504da5302cf654bcELSA-2023-12326ol6_u1_x86_64_base
openssl-devel-1.0.0-10.el6.i686.rpmee9bab298e726d5f1f8059e01845dd385a443b5b812c96b5504da5302cf654bcELSA-2023-12326ol6_x86_64_latest_archive
openssl-devel-1.0.0-10.el6.x86_64.rpm6ff4bd630fb5a43256689c1afb6cb1150f62c46a22c0494ea10e4826822c4065ELSA-2023-12326ol6_u1_x86_64_base
openssl-devel-1.0.0-10.el6.x86_64.rpm6ff4bd630fb5a43256689c1afb6cb1150f62c46a22c0494ea10e4826822c4065ELSA-2023-12326ol6_x86_64_latest_archive
openssl-perl-1.0.0-10.el6.x86_64.rpmdd80334b4e12f5ec6e6e8ad94ae604d7dd05343df424030f2e97b3741a48b10fELSA-2023-12326ol6_u1_x86_64_base
openssl-perl-1.0.0-10.el6.x86_64.rpmdd80334b4e12f5ec6e6e8ad94ae604d7dd05343df424030f2e97b3741a48b10fELSA-2023-12326ol6_x86_64_latest_archive
openssl-static-1.0.0-10.el6.x86_64.rpm11ffbb0ed8cd1c82ce182549de1abb5692b93a9e4148c67a048df2a0bdbe4cceELSA-2023-12326ol6_u1_x86_64_base
openssl-static-1.0.0-10.el6.x86_64.rpm11ffbb0ed8cd1c82ce182549de1abb5692b93a9e4148c67a048df2a0bdbe4cceELSA-2023-12326ol6_x86_64_latest_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights