ELSA-2016-0372

ELSA-2016-0372 - openssl098e security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-03-09

Description


[0.9.8e-20.0.1.1]
- Updated the description

[0.9.8e-20.1]
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

[0.9.8e-20]
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability


Related CVEs


CVE-2015-0293
CVE-2015-3197
CVE-2016-0800
CVE-2016-0703
CVE-2016-0704

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) openssl098e-0.9.8e-20.0.1.el6_7.1.src.rpm1d83c598233d0fa466a219f3f6003d69-
openssl098e-0.9.8e-20.0.1.el6_7.1.i686.rpm9a8bd857faf8c48cdb94fa879c8b9477-
Oracle Linux 6 (x86_64) openssl098e-0.9.8e-20.0.1.el6_7.1.src.rpm1d83c598233d0fa466a219f3f6003d69-
openssl098e-0.9.8e-20.0.1.el6_7.1.i686.rpm9a8bd857faf8c48cdb94fa879c8b9477-
openssl098e-0.9.8e-20.0.1.el6_7.1.x86_64.rpmb16b13ff53153c9afcebbd868ecd3a26-
Oracle Linux 7 (x86_64) openssl098e-0.9.8e-29.el7_2.3.src.rpm9f6df5806933f964191eb49aef9fecc5-
openssl098e-0.9.8e-29.el7_2.3.i686.rpmd0a7c2b6d7ae1febc15df6175fe797e2-
openssl098e-0.9.8e-29.el7_2.3.x86_64.rpme1c6637f852446dfbf1faca2747b7aa2-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete