ELSA-2014-1652

ULN >
Oracle Linux Errata repository >
ELSA-2014-1652

ELSA-2014-1652 - openssl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2014-10-16

Description

[1.0.1e-30.2]
- fix CVE-2014-3567 - memory leak when handling session tickets
- fix CVE-2014-3513 - memory leak in srtp support
- add support for fallback SCSV to partially mitigate CVE-2014-3566
(padding attack on SSL3)

[1.0.1e-30]
- add ECC TLS extensions to DTLS (#1119800)

[1.0.1e-29]
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3507 - avoid memory leak in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid information leak
- fix CVE-2014-3509 - fix race condition when parsing server hello
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation

[1.0.1e-28]
- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support

[1.0.1e-26]
- drop EXPORT, RC2, and DES from the default cipher list (#1057520)
- print ephemeral key size negotiated in TLS handshake (#1057715)
- do not include ECC ciphersuites in SSLv2 client hello (#1090952)
- properly detect encryption failure in BIO (#1100819)
- fail on hmac integrity check if the .hmac file is empty (#1105567)
- FIPS mode: make the limitations on DSA, DH, and RSA keygen
length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment
variable is set

[1.0.1e-25]
- fix CVE-2010-5298 - possible use of memory after free
- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment
- fix CVE-2014-0198 - possible NULL pointer dereference
- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH

[1.0.1e-24]
- add back support for secp521r1 EC curve

[1.0.1e-23]
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

[1.0.1e-22]
- use 2048 bit RSA key in FIPS selftests

[1.0.1e-21]
- add DH_compute_key_padded needed for FIPS CAVS testing
- make 3des strength to be 128 bits instead of 168 (#1056616)
- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits
- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)
- FIPS mode: add DH selftest
- FIPS mode: reseed DRBG properly on RAND_add()
- FIPS mode: add RSA encrypt/decrypt selftest
- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key
- use the key length from configuration file if req -newkey rsa is invoked

[1.0.1e-20]
- fix CVE-2013-4353 - Invalid TLS handshake crash

[1.0.1e-19]
- fix CVE-2013-6450 - possible MiTM attack on DTLS1

[1.0.1e-18]
- fix CVE-2013-6449 - crash when version in SSL structure is incorrect

[1.0.1e-17]
- add back some no-op symbols that were inadvertently dropped

Related CVEs

CVE-2014-3513

CVE-2014-3567

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (i386)	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_i386_latest_archive
	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_u6_i386_base
	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_u6_i386_patch
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_i386_latest_archive
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_u6_i386_base
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_u6_i386_patch
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_i386_latest_archive
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_u6_i386_base
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_u6_i386_patch
	openssl-perl-1.0.1e-30.el6_6.2.i686.rpm	8cc353bfec2884e5dc9b72482136f166a5aec70c19fc7658e81dd8edbcd47ecc	ELSA-2023-12326	ol6_i386_latest_archive
	openssl-perl-1.0.1e-30.el6_6.2.i686.rpm	8cc353bfec2884e5dc9b72482136f166a5aec70c19fc7658e81dd8edbcd47ecc	ELSA-2023-12326	ol6_u6_i386_base
	openssl-perl-1.0.1e-30.el6_6.2.i686.rpm	8cc353bfec2884e5dc9b72482136f166a5aec70c19fc7658e81dd8edbcd47ecc	ELSA-2023-12326	ol6_u6_i386_patch
	openssl-static-1.0.1e-30.el6_6.2.i686.rpm	73f44da23946d7cd56e2ed474e7f3eae728c4982ba5c70d3a080f6e6c487117a	ELSA-2023-12326	ol6_i386_latest_archive
	openssl-static-1.0.1e-30.el6_6.2.i686.rpm	73f44da23946d7cd56e2ed474e7f3eae728c4982ba5c70d3a080f6e6c487117a	ELSA-2023-12326	ol6_u6_i386_base
	openssl-static-1.0.1e-30.el6_6.2.i686.rpm	73f44da23946d7cd56e2ed474e7f3eae728c4982ba5c70d3a080f6e6c487117a	ELSA-2023-12326	ol6_u6_i386_patch

Oracle Linux 6 (x86_64)	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-1.0.1e-30.el6_6.2.src.rpm	482356cbbdf4c7e5007a155a6bc7194e671ad861c1ec2d0b539e284f70274d60	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-1.0.1e-30.el6_6.2.i686.rpm	2a9884c447bec76e20822daa806dc37a992159a53224d3d267ad6b2c40088311	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-1.0.1e-30.el6_6.2.x86_64.rpm	6256d944abf01ef76ef5cd94abcd76b4d2815a75286ea0bbe5bd8e4c18120ea1	ELSA-2023-12326	exadata_dbserver_12.1.2.1.0_x86_64_base
	openssl-1.0.1e-30.el6_6.2.x86_64.rpm	6256d944abf01ef76ef5cd94abcd76b4d2815a75286ea0bbe5bd8e4c18120ea1	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-1.0.1e-30.el6_6.2.x86_64.rpm	6256d944abf01ef76ef5cd94abcd76b4d2815a75286ea0bbe5bd8e4c18120ea1	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-1.0.1e-30.el6_6.2.x86_64.rpm	6256d944abf01ef76ef5cd94abcd76b4d2815a75286ea0bbe5bd8e4c18120ea1	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-devel-1.0.1e-30.el6_6.2.i686.rpm	8a9641741d64fdbf08280b473b48748293e29e3abe16b17e24c8d8af0e89aa07	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm	3313b966c4870c131a52c96f07149e9dd2bca3b9c8fdcd379154301cdf30addf	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm	3313b966c4870c131a52c96f07149e9dd2bca3b9c8fdcd379154301cdf30addf	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm	3313b966c4870c131a52c96f07149e9dd2bca3b9c8fdcd379154301cdf30addf	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm	4aae541f84d18b8cb31ddb31e0a79e84875096547b1db3c3d991f138c12bb25b	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm	4aae541f84d18b8cb31ddb31e0a79e84875096547b1db3c3d991f138c12bb25b	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm	4aae541f84d18b8cb31ddb31e0a79e84875096547b1db3c3d991f138c12bb25b	ELSA-2023-12326	ol6_x86_64_latest_archive
	openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm	eeeba4a0ec8e7b7a08a9b032e842dce8c33c7f00bd7808b621157efa5e2abbd5	ELSA-2023-12326	ol6_u6_x86_64_base
	openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm	eeeba4a0ec8e7b7a08a9b032e842dce8c33c7f00bd7808b621157efa5e2abbd5	ELSA-2023-12326	ol6_u6_x86_64_patch
	openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm	eeeba4a0ec8e7b7a08a9b032e842dce8c33c7f00bd7808b621157efa5e2abbd5	ELSA-2023-12326	ol6_x86_64_latest_archive

Oracle Linux 7 (x86_64)	openssl-1.0.1e-34.el7_0.6.src.rpm	23025bbb4da8bfe25478d0d549b6c789afed5597495e9d91f1f6e34acd91af65	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-1.0.1e-34.el7_0.6.src.rpm	23025bbb4da8bfe25478d0d549b6c789afed5597495e9d91f1f6e34acd91af65	ELSA-2017-3518	ol7_x86_64_optional_archive
	openssl-1.0.1e-34.el7_0.6.src.rpm	23025bbb4da8bfe25478d0d549b6c789afed5597495e9d91f1f6e34acd91af65	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-1.0.1e-34.el7_0.6.x86_64.rpm	7bd6640f33b38d62845b61bd7fd034f16c4196d78171235e66563597905e0815	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-1.0.1e-34.el7_0.6.x86_64.rpm	7bd6640f33b38d62845b61bd7fd034f16c4196d78171235e66563597905e0815	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-devel-1.0.1e-34.el7_0.6.i686.rpm	e0dab35821d598071890da760852f1f83b93f1e0870a65489e3e37eeee45f268	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-devel-1.0.1e-34.el7_0.6.i686.rpm	e0dab35821d598071890da760852f1f83b93f1e0870a65489e3e37eeee45f268	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm	6ad1352fe0cef98aaaee88739244ef0f2c28282f2c4b9f82e8798f7663d0b1fd	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm	6ad1352fe0cef98aaaee88739244ef0f2c28282f2c4b9f82e8798f7663d0b1fd	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-libs-1.0.1e-34.el7_0.6.i686.rpm	bd952dae50fa9112ac5bdc834894ddb2a48bb9196476dea6345a8d9762f9f4a1	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-libs-1.0.1e-34.el7_0.6.i686.rpm	bd952dae50fa9112ac5bdc834894ddb2a48bb9196476dea6345a8d9762f9f4a1	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm	10e888b0ce62c8132f4b3ebb41b17a528428b7af082e7e710dbc04179dd6cf23	ELSA-2017-3518	ol7_x86_64_latest_archive
	openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm	10e888b0ce62c8132f4b3ebb41b17a528428b7af082e7e710dbc04179dd6cf23	ELSA-2017-3518	ol7_x86_64_u0_patch
	openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm	9b0bfb03d68e6e011fd48e35523996b3c2f2c637b83eeddfefc0e471dc3ff7d1	ELSA-2017-3518	ol7_x86_64_optional_archive
	openssl-static-1.0.1e-34.el7_0.6.i686.rpm	0a943e50bffb25050a09de4ff9d3a677f95d12d1d78d733001b1cd34536b9c21	ELSA-2017-3518	ol7_x86_64_optional_archive
	openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm	7954d42ed08905efb6dfc061aeedd8de5b6aafd7bb4083e9efa85af879f98cb4	ELSA-2017-3518	ol7_x86_64_optional_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691