ELSA-2014-0679

ELSA-2014-0679 - openssl security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2014-07-23

Description


[1.0.1e-34.3]
- fix CVE-2010-5298 - possible use of memory after free
- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment
- fix CVE-2014-0198 - possible NULL pointer dereference
- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH


Related CVEs


CVE-2010-5298
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-3470

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) openssl-1.0.1e-34.el7_0.3.src.rpma77e644ff0836d6ce824e47a082d17beELSA-2017-3518
openssl-1.0.1e-34.el7_0.3.x86_64.rpm785951562d5076ce71664a9ac9602685ELSA-2017-3518
openssl-devel-1.0.1e-34.el7_0.3.i686.rpm3567322901cc13cd90dafb87666a5b94ELSA-2017-3518
openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpmc70664cc1beb10fa1f7c4e6e1e25a403ELSA-2017-3518
openssl-libs-1.0.1e-34.el7_0.3.i686.rpm074cedb6ce4b2ac2c20fe8d8310fe019ELSA-2017-3518
openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpma538caf8f8bb50e50cd17d8da3d379bfELSA-2017-3518
openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm6f2d52e1629a73eb5b7b8be52a9f6021ELSA-2017-3518
openssl-static-1.0.1e-34.el7_0.3.i686.rpmfb65f4c6647a1a9dca5df20c01556544ELSA-2017-3518
openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm3ba4dd1c96f80005b5090c86c28b77e0ELSA-2017-3518



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete