ELSA-2014-0625

ELSA-2014-0625 - openssl security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2014-06-05

Description


[1.0.1e-16.14]
- fix CVE-2010-5298 - possible use of memory after free
- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment
- fix CVE-2014-0198 - possible NULL pointer dereference
- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH


Related CVEs


CVE-2010-5298
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-3470

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) openssl-1.0.1e-16.el6_5.14.src.rpmba2f865525849d68333e4da95663f7a4ELBA-2017-3532
openssl-1.0.1e-16.el6_5.14.i686.rpm58da1c2e39fd9157f46ffdcc19e1c7bbELBA-2017-3532
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm244fbcd43aae94b5f73fe73f9347110cELBA-2017-3532
openssl-perl-1.0.1e-16.el6_5.14.i686.rpm695adfb507ee08112851c85c5ce9c869ELBA-2017-3532
openssl-static-1.0.1e-16.el6_5.14.i686.rpmadd462554f3302285e669f6d4a127e89ELBA-2017-3532
Oracle Linux 6 (x86_64) openssl-1.0.1e-16.el6_5.14.src.rpmba2f865525849d68333e4da95663f7a4ELBA-2017-3532
openssl-1.0.1e-16.el6_5.14.i686.rpm58da1c2e39fd9157f46ffdcc19e1c7bbELBA-2017-3532
openssl-1.0.1e-16.el6_5.14.x86_64.rpmb6668644f8a0d0db860ef62e7aa5ea99ELBA-2017-3532
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm244fbcd43aae94b5f73fe73f9347110cELBA-2017-3532
openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm44ee31c9fe5cb91cf5909e6f4b767c10ELBA-2017-3532
openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpmc9bfeee52e0dbc2dac4fd3cfd96fcc29ELBA-2017-3532
openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm600f70af9447ef3cc720a871330d6c52ELBA-2017-3532



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete