ELSA-2015-2617 - openssl security update

Type: SECURITY
Impact: MODERATE
Release Date: 2015-12-14

Description


[1.0.1e-51.1]
- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - race condition when handling PSK identity hint

[1.0.1e-51]
- fix the CVE-2015-1791 fix (broken server side renegotiation)

[1.0.1e-50]
- improved fix for CVE-2015-1791
- add missing parts of CVE-2015-0209 fix for correctness although unexploitable

[1.0.1e-49]
- fix CVE-2014-8176 - invalid free in DTLS buffering code
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-1791 - race condition handling NewSessionTicket
- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function

[1.0.1e-48]
- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on
read in multithreaded applications

[1.0.1e-47]
- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
the DH key size to at least 768 bits (limit will be increased in future)

[1.0.1e-46]
- drop the AES-GCM restriction of 2^32 operations because the IV is
always 96 bits (32 bit fixed field + 64 bit invocation field)

[1.0.1e-45]
- update fix for CVE-2015-0287 to what was released upstream

[1.0.1e-44]
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

[1.0.1e-43]
- fix broken error detection when unwrapping unpadded key

[1.0.1e-42.1]
- fix the RFC 5649 for key material that does not need padding


Related CVEs


CVE-2015-3195
CVE-2015-3194
CVE-2015-3196

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| --- | --- | --- | --- | --- |
| Oracle Linux 6 (i386) | openssl-1.0.1e-42.el6_7.1.src.rpm | ab87d8bd3a5b492d2b4f04fa9d53721efcd7f52e2d903b4daf05f17b782fe18c | ELSA-2023-12326 | ol6_i386_latest_archive |
| | openssl-1.0.1e-42.el6_7.1.src.rpm | ab87d8bd3a5b492d2b4f04fa9d53721efcd7f52e2d903b4daf05f17b782fe18c | ELSA-2023-12326 | ol6_u7_i386_patch |
| | openssl-1.0.1e-42.el6_7.1.i686.rpm | 8d0f5a16e11d5149bdf83e37ea67482bd35af5bb24b66f3f6738374a167c2f1b | ELSA-2023-12326 | ol6_i386_latest_archive |
| | openssl-1.0.1e-42.el6_7.1.i686.rpm | 8d0f5a16e11d5149bdf83e37ea67482bd35af5bb24b66f3f6738374a167c2f1b | ELSA-2023-12326 | ol6_u7_i386_patch |
| | openssl-devel-1.0.1e-42.el6_7.1.i686.rpm | 3f816f513874e98cbddc52b51947c7aa4686d9675c62205d160c34437a0bb70b | ELSA-2023-12326 | ol6_i386_latest_archive |
| | openssl-devel-1.0.1e-42.el6_7.1.i686.rpm | 3f816f513874e98cbddc52b51947c7aa4686d9675c62205d160c34437a0bb70b | ELSA-2023-12326 | ol6_u7_i386_patch |
| | openssl-perl-1.0.1e-42.el6_7.1.i686.rpm | 891ddda4c9731e6fbc9bcd4afc1ea2b28be753fcd742cc745d5cf6bb15d50707 | ELSA-2023-12326 | ol6_i386_latest_archive |
| | openssl-perl-1.0.1e-42.el6_7.1.i686.rpm | 891ddda4c9731e6fbc9bcd4afc1ea2b28be753fcd742cc745d5cf6bb15d50707 | ELSA-2023-12326 | ol6_u7_i386_patch |
| | openssl-static-1.0.1e-42.el6_7.1.i686.rpm | a5ea3aceadca0decb151e8d9d218a7d2f4681e00d709aef592bd1c374fed4bad | ELSA-2023-12326 | ol6_i386_latest_archive |
| | openssl-static-1.0.1e-42.el6_7.1.i686.rpm | a5ea3aceadca0decb151e8d9d218a7d2f4681e00d709aef592bd1c374fed4bad | ELSA-2023-12326 | ol6_u7_i386_patch |
| Oracle Linux 6 (x86_64) | openssl-1.0.1e-42.el6_7.1.src.rpm | ab87d8bd3a5b492d2b4f04fa9d53721efcd7f52e2d903b4daf05f17b782fe18c | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-1.0.1e-42.el6_7.1.src.rpm | ab87d8bd3a5b492d2b4f04fa9d53721efcd7f52e2d903b4daf05f17b782fe18c | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-1.0.1e-42.el6_7.1.i686.rpm | 8d0f5a16e11d5149bdf83e37ea67482bd35af5bb24b66f3f6738374a167c2f1b | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-1.0.1e-42.el6_7.1.i686.rpm | 8d0f5a16e11d5149bdf83e37ea67482bd35af5bb24b66f3f6738374a167c2f1b | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-1.0.1e-42.el6_7.1.x86_64.rpm | 0b80833524e92e5d99a5b5285c8545daaaf8b054ed39293c43a64a59de916fee | ELSA-2023-12326 | exadata_dbserver_12.1.2.2.1_x86_64_base |
| | openssl-1.0.1e-42.el6_7.1.x86_64.rpm | 0b80833524e92e5d99a5b5285c8545daaaf8b054ed39293c43a64a59de916fee | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-1.0.1e-42.el6_7.1.x86_64.rpm | 0b80833524e92e5d99a5b5285c8545daaaf8b054ed39293c43a64a59de916fee | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-devel-1.0.1e-42.el6_7.1.i686.rpm | 3f816f513874e98cbddc52b51947c7aa4686d9675c62205d160c34437a0bb70b | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-devel-1.0.1e-42.el6_7.1.i686.rpm | 3f816f513874e98cbddc52b51947c7aa4686d9675c62205d160c34437a0bb70b | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-devel-1.0.1e-42.el6_7.1.x86_64.rpm | 8822b48c3425a1d7c53d827800e98f4bfb8c9b11bdadab44c37cf27f92cca94c | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-devel-1.0.1e-42.el6_7.1.x86_64.rpm | 8822b48c3425a1d7c53d827800e98f4bfb8c9b11bdadab44c37cf27f92cca94c | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-perl-1.0.1e-42.el6_7.1.x86_64.rpm | 83f1e09e1f6cc7a56427f638a0b68c266b38335ed0bab90267bff966fe2bd6c8 | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-perl-1.0.1e-42.el6_7.1.x86_64.rpm | 83f1e09e1f6cc7a56427f638a0b68c266b38335ed0bab90267bff966fe2bd6c8 | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| | openssl-static-1.0.1e-42.el6_7.1.x86_64.rpm | 6f043548b00b5a58b518da506a4746ee95deeadd60076eb1967f5b1a6ed32e91 | ELSA-2023-12326 | ol6_u7_x86_64_patch |
| | openssl-static-1.0.1e-42.el6_7.1.x86_64.rpm | 6f043548b00b5a58b518da506a4746ee95deeadd60076eb1967f5b1a6ed32e91 | ELSA-2023-12326 | ol6_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | openssl-1.0.1e-51.el7_2.1.src.rpm | 375fe47b79dbede75605f1e89536b6a4341ac16a3f5bb541c256fcccee713090 | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-1.0.1e-51.el7_2.1.src.rpm | 375fe47b79dbede75605f1e89536b6a4341ac16a3f5bb541c256fcccee713090 | ELSA-2017-3518 | ol7_x86_64_optional_archive |
| | openssl-1.0.1e-51.el7_2.1.src.rpm | 375fe47b79dbede75605f1e89536b6a4341ac16a3f5bb541c256fcccee713090 | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-1.0.1e-51.el7_2.1.x86_64.rpm | 406ba9d44cf1501563d3a41dff8e2b66bc643efa84763c79697e2b83c21051b1 | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-1.0.1e-51.el7_2.1.x86_64.rpm | 406ba9d44cf1501563d3a41dff8e2b66bc643efa84763c79697e2b83c21051b1 | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-devel-1.0.1e-51.el7_2.1.i686.rpm | e60c52e2f1f1fcb051758868b612940231d081d27ac5150c5177a4c04bb344a0 | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-devel-1.0.1e-51.el7_2.1.i686.rpm | e60c52e2f1f1fcb051758868b612940231d081d27ac5150c5177a4c04bb344a0 | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-devel-1.0.1e-51.el7_2.1.x86_64.rpm | e882c6b7ab917f268e979e39b4c22ae01fdfee0b961a275e99ca5a6307dcd377 | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-devel-1.0.1e-51.el7_2.1.x86_64.rpm | e882c6b7ab917f268e979e39b4c22ae01fdfee0b961a275e99ca5a6307dcd377 | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-libs-1.0.1e-51.el7_2.1.i686.rpm | fcaa9fc78b8c194e77565bba41f9ccdf4ab505d5f4ece94318bf7be7b172493e | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-libs-1.0.1e-51.el7_2.1.i686.rpm | fcaa9fc78b8c194e77565bba41f9ccdf4ab505d5f4ece94318bf7be7b172493e | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-libs-1.0.1e-51.el7_2.1.x86_64.rpm | d521a3ed1dcc4e52b61de0ca42567170bea7712473ca777f28afc18a12c19604 | ELSA-2017-3518 | ol7_x86_64_latest_archive |
| | openssl-libs-1.0.1e-51.el7_2.1.x86_64.rpm | d521a3ed1dcc4e52b61de0ca42567170bea7712473ca777f28afc18a12c19604 | ELSA-2017-3518 | ol7_x86_64_u2_patch |
| | openssl-perl-1.0.1e-51.el7_2.1.x86_64.rpm | ba1bd4ada131a4f91325592c8d758e571eaed1b982d47a59b22d756067bd3c7c | ELSA-2017-3518 | ol7_x86_64_optional_archive |
| | openssl-static-1.0.1e-51.el7_2.1.i686.rpm | fcfe4c04d1b254a8d076c2f597a83f9d2944f40366b3f2b27f746e961344aed9 | ELSA-2017-3518 | ol7_x86_64_optional_archive |
| | openssl-static-1.0.1e-51.el7_2.1.x86_64.rpm | 936ccf0e95e2c548d7285eb1d8f76f50f0951601179eec821b296d3a7a6a58b9 | ELSA-2017-3518 | ol7_x86_64_optional_archive |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team