Stay Connected:

ELSA-2015-1197

ELSA-2015-1197 - openssl security update

Type:SECURITY
Severity:MODERATE
Release Date:2015-06-30

Description


[0.9.8e-36.0.1]
- Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]
- fix CVE-2014-3570 - Bignum squaring may produce incorrect results
- fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
- fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]

[0.9.8e-36]
- also change the default DH parameters in s_server to 1024 bits

[0.9.8e-35]
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
the DH key size to at least 768 bits (limit will be increased in future)


Related CVEs


CVE-2015-4000
CVE-2015-1789
CVE-2015-1790

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) openssl-0.9.8e-36.0.1.el5_11.src.rpm493bbda14ccc6945fe0ec6ea5c838e51ELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.i386.rpma5c35028f862815dea50867467eba92fELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.i686.rpm8ddd512c05dc21639ef6b881f0c6e9d6ELEA-2017-1391
openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpma71bd90b4c181831e640c0bd72f939d8ELEA-2017-1391
openssl-perl-0.9.8e-36.0.1.el5_11.i386.rpm6d5328e718caada3635b50042e73a40dELEA-2017-1391
Oracle Linux 5 (ia64) openssl-0.9.8e-36.0.1.el5_11.src.rpm493bbda14ccc6945fe0ec6ea5c838e51ELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.i686.rpm8ddd512c05dc21639ef6b881f0c6e9d6ELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.ia64.rpme351b1d9d2be149b27a63fde28ff79c3ELEA-2017-1391
openssl-devel-0.9.8e-36.0.1.el5_11.ia64.rpm7abd9b4528c30d81cf2971a2a6269550ELEA-2017-1391
openssl-perl-0.9.8e-36.0.1.el5_11.ia64.rpmd8b1ebecaee17aa83b3a9c3d6b13e995ELEA-2017-1391
Oracle Linux 5 (x86_64) openssl-0.9.8e-36.0.1.el5_11.src.rpm493bbda14ccc6945fe0ec6ea5c838e51ELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.i686.rpm8ddd512c05dc21639ef6b881f0c6e9d6ELEA-2017-1391
openssl-0.9.8e-36.0.1.el5_11.x86_64.rpma7db42817891f8a979f7d77584395c6cELEA-2017-1391
openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpma71bd90b4c181831e640c0bd72f939d8ELEA-2017-1391
openssl-devel-0.9.8e-36.0.1.el5_11.x86_64.rpm274bcb2b87c0fb2b1085f823b31d372fELEA-2017-1391
openssl-perl-0.9.8e-36.0.1.el5_11.x86_64.rpm81e9a375feea7d95ff50a204f2cb5217ELEA-2017-1391



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights