ELSA-2014-1053 - openssl security update

Type:SECURITY
Severity:MODERATE
Release Date:2014-08-13

Description


[0.9.8e-27.4]
- fix CVE-2014-0221 - recursion in DTLS code leading to DoS
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid information leak
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS

[0.9.8e-27.3]
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability

[0.9.8e-27.1]
- replace expired GlobalSign Root CA certificate in ca-bundle.crt


Related CVEs


CVE-2014-0221
CVE-2014-3505
CVE-2014-3506
CVE-2014-3508
CVE-2014-3510

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) openssl-0.9.8e-27.el5_10.4.src.rpmfcf11313c9549c1769fda931fd42cad0ELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.i386.rpma6097aca49bb02d868910af772305e08ELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.i686.rpmcae620cd55ad731609adb03b4cb0437bELSA-2016-3627
openssl-devel-0.9.8e-27.el5_10.4.i386.rpm11b9a885552c97ee5133bfab7cecec06ELSA-2016-3627
openssl-perl-0.9.8e-27.el5_10.4.i386.rpm78cdf9c5cb96d44e2344bfb8de33d011ELSA-2016-3627
Oracle Linux 5 (ia64) openssl-0.9.8e-27.el5_10.4.src.rpmfcf11313c9549c1769fda931fd42cad0ELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.i686.rpmcae620cd55ad731609adb03b4cb0437bELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.ia64.rpmce737f3a7cffd4426bbf03e34e9bb240ELSA-2016-3627
openssl-devel-0.9.8e-27.el5_10.4.ia64.rpm6ccbe7ec1395e6f4371903027fe11a6bELSA-2016-3627
openssl-perl-0.9.8e-27.el5_10.4.ia64.rpmbbd8d44479e7482330134080d1de1d82ELSA-2016-3627
Oracle Linux 5 (x86_64) openssl-0.9.8e-27.el5_10.4.src.rpmfcf11313c9549c1769fda931fd42cad0ELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.i686.rpmcae620cd55ad731609adb03b4cb0437bELSA-2016-3627
openssl-0.9.8e-27.el5_10.4.x86_64.rpm76a2984d3a329a01d3aa9749d2c5412bELSA-2016-3627
openssl-devel-0.9.8e-27.el5_10.4.i386.rpm11b9a885552c97ee5133bfab7cecec06ELSA-2016-3627
openssl-devel-0.9.8e-27.el5_10.4.x86_64.rpmd8c6988aa8a11dbb54f7f9927582a04cELSA-2016-3627
openssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm8d598d3772fd72e5c2536bc3ec8155abELSA-2016-3627

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team