ELSA-2015-1197

ULN >
Oracle Linux Errata repository >
ELSA-2015-1197

ELSA-2015-1197 - openssl security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2015-06-30

Description

[0.9.8e-36.0.1]
- Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]
- fix CVE-2014-3570 - Bignum squaring may produce incorrect results
- fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
- fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]

[0.9.8e-36]
- also change the default DH parameters in s_server to 1024 bits

[0.9.8e-35]
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
the DH key size to at least 768 bits (limit will be increased in future)

Related CVEs

CVE-2015-1789

CVE-2015-1790

CVE-2015-4000

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 5 (i386)	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-0.9.8e-36.0.1.el5_11.i386.rpm	3f8e92513a6610542aac9fb83e0c0a43830308011b71c2dbc67df10d39abce2c	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-36.0.1.el5_11.i386.rpm	3f8e92513a6610542aac9fb83e0c0a43830308011b71c2dbc67df10d39abce2c	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpm	34531a2acf97032bfc1239689e5fede57ec6ca670634b0b8e6f55cbefd4cad06	ELEA-2017-1391	ol5_i386_latest
	openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpm	34531a2acf97032bfc1239689e5fede57ec6ca670634b0b8e6f55cbefd4cad06	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-perl-0.9.8e-36.0.1.el5_11.i386.rpm	55e81154dad0418ca11dee44b2878e19da6c808f17e14d4c3c3ef2ada1c1571f	ELEA-2017-1391	ol5_i386_latest
	openssl-perl-0.9.8e-36.0.1.el5_11.i386.rpm	55e81154dad0418ca11dee44b2878e19da6c808f17e14d4c3c3ef2ada1c1571f	ELEA-2017-1391	ol5_u11_i386_patch

Oracle Linux 5 (ia64)	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-0.9.8e-36.0.1.el5_11.ia64.rpm	33f59954fc3b337fc1ac23c9935f3a856a7f89af0f43457ae8dae017d29ebc3a	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-36.0.1.el5_11.ia64.rpm	33f59954fc3b337fc1ac23c9935f3a856a7f89af0f43457ae8dae017d29ebc3a	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-devel-0.9.8e-36.0.1.el5_11.ia64.rpm	f5fb5219259765b9d22a23fc4dab6ebe5877379f919d780ec5bf23fa48d7347c	ELEA-2017-1391	ol5_ia64_latest
	openssl-devel-0.9.8e-36.0.1.el5_11.ia64.rpm	f5fb5219259765b9d22a23fc4dab6ebe5877379f919d780ec5bf23fa48d7347c	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-perl-0.9.8e-36.0.1.el5_11.ia64.rpm	c927d6bca7175e587f35dadd29672602d274060e2a2585f17fec92f743efb59f	ELEA-2017-1391	ol5_ia64_latest
	openssl-perl-0.9.8e-36.0.1.el5_11.ia64.rpm	c927d6bca7175e587f35dadd29672602d274060e2a2585f17fec92f743efb59f	ELEA-2017-1391	ol5_u11_ia64_patch

Oracle Linux 5 (x86_64)	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-36.0.1.el5_11.src.rpm	40ff5ae0e6d3bb5a17ff3e4957b08690025246c6e018515c2bfec3c299c880e8	ELEA-2017-1391	ol5_x86_64_latest
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-36.0.1.el5_11.i686.rpm	3e457c8d71f594e6dcf67d40f0fa851bb4d3daee3b77a99989e1272adfd6aa09	ELEA-2017-1391	ol5_x86_64_latest
	openssl-0.9.8e-36.0.1.el5_11.x86_64.rpm	8c08c5ef644e68b303ddba888e10affc16897584f2d4906670be27b7c078329d	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-36.0.1.el5_11.x86_64.rpm	8c08c5ef644e68b303ddba888e10affc16897584f2d4906670be27b7c078329d	ELEA-2017-1391	ol5_x86_64_latest
	openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpm	34531a2acf97032bfc1239689e5fede57ec6ca670634b0b8e6f55cbefd4cad06	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-devel-0.9.8e-36.0.1.el5_11.i386.rpm	34531a2acf97032bfc1239689e5fede57ec6ca670634b0b8e6f55cbefd4cad06	ELEA-2017-1391	ol5_x86_64_latest
	openssl-devel-0.9.8e-36.0.1.el5_11.x86_64.rpm	bb815d00b033250d55512d3f04472bb41b25321f3f0c520b587cb71af1a27848	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-devel-0.9.8e-36.0.1.el5_11.x86_64.rpm	bb815d00b033250d55512d3f04472bb41b25321f3f0c520b587cb71af1a27848	ELEA-2017-1391	ol5_x86_64_latest
	openssl-perl-0.9.8e-36.0.1.el5_11.x86_64.rpm	92adfb2e268f86b8f4b4537c4006da3b90511ceed3081237ef89f9688a616501	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-perl-0.9.8e-36.0.1.el5_11.x86_64.rpm	92adfb2e268f86b8f4b4537c4006da3b90511ceed3081237ef89f9688a616501	ELEA-2017-1391	ol5_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691