ELSA-2016-0996

ELSA-2016-0996 - openssl security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2016-05-12

Description


[1.0.1e-48.1]
- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf

[1.0.1e-48]
- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn

[1.0.1e-47]
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

[1.0.1e-46]
- fix 1-byte memory leak in pkcs12 parse (#1229871)
- document some options of the speed command (#1197095)

[1.0.1e-45]
- fix high-precision timestamps in timestamping authority

[1.0.1e-44]
- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2

[1.0.1e-43]
- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - race condition when handling PSK identity hint


Related CVEs


CVE-2016-2106
CVE-2016-2108
CVE-2016-2109
CVE-2016-0799
CVE-2016-2105
CVE-2016-2842
CVE-2016-2107

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 6 (i386) openssl-1.0.1e-48.el6_8.1.src.rpm900f8e5f4820463a4fce01db725354e52ff02efe5d169bfcb83948dcc501736fELSA-2023-12326ol6_i386_latest_archive
openssl-1.0.1e-48.el6_8.1.src.rpm900f8e5f4820463a4fce01db725354e52ff02efe5d169bfcb83948dcc501736fELSA-2023-12326ol6_u8_i386_patch
openssl-1.0.1e-48.el6_8.1.i686.rpm2e5646e447be6938f33bd881bcede70c40c3e250c196cde2f8a18e49204f3e63ELSA-2023-12326ol6_i386_latest_archive
openssl-1.0.1e-48.el6_8.1.i686.rpm2e5646e447be6938f33bd881bcede70c40c3e250c196cde2f8a18e49204f3e63ELSA-2023-12326ol6_u8_i386_patch
openssl-devel-1.0.1e-48.el6_8.1.i686.rpmedc6b2b421196af0f6a35848cb36c6ccc184b530519519d5fa01cfea005b476bELSA-2023-12326ol6_i386_latest_archive
openssl-devel-1.0.1e-48.el6_8.1.i686.rpmedc6b2b421196af0f6a35848cb36c6ccc184b530519519d5fa01cfea005b476bELSA-2023-12326ol6_u8_i386_patch
openssl-perl-1.0.1e-48.el6_8.1.i686.rpm672f8727410ad98a51246c268a0669c2254065141d40ab41f501e5e5757b9b59ELSA-2023-12326ol6_i386_latest_archive
openssl-perl-1.0.1e-48.el6_8.1.i686.rpm672f8727410ad98a51246c268a0669c2254065141d40ab41f501e5e5757b9b59ELSA-2023-12326ol6_u8_i386_patch
openssl-static-1.0.1e-48.el6_8.1.i686.rpm00efb6e68067bfdd13866853701273cfedf29c3c5f6bd4249539e67ba176d9baELSA-2023-12326ol6_i386_latest_archive
openssl-static-1.0.1e-48.el6_8.1.i686.rpm00efb6e68067bfdd13866853701273cfedf29c3c5f6bd4249539e67ba176d9baELSA-2023-12326ol6_u8_i386_patch
Oracle Linux 6 (x86_64) openssl-1.0.1e-48.el6_8.1.src.rpm900f8e5f4820463a4fce01db725354e52ff02efe5d169bfcb83948dcc501736fELSA-2023-12326ol6_u8_x86_64_patch
openssl-1.0.1e-48.el6_8.1.src.rpm900f8e5f4820463a4fce01db725354e52ff02efe5d169bfcb83948dcc501736fELSA-2023-12326ol6_x86_64_latest_archive
openssl-1.0.1e-48.el6_8.1.i686.rpm2e5646e447be6938f33bd881bcede70c40c3e250c196cde2f8a18e49204f3e63ELSA-2023-12326ol6_u8_x86_64_patch
openssl-1.0.1e-48.el6_8.1.i686.rpm2e5646e447be6938f33bd881bcede70c40c3e250c196cde2f8a18e49204f3e63ELSA-2023-12326ol6_x86_64_latest_archive
openssl-1.0.1e-48.el6_8.1.x86_64.rpm5aeb3ddf640c49fe5416a9185f566441ff7834168f56b04e4595a8bcb240b586ELSA-2023-12326exadata_dbserver_12.1.2.2.3_x86_64_base
openssl-1.0.1e-48.el6_8.1.x86_64.rpm5aeb3ddf640c49fe5416a9185f566441ff7834168f56b04e4595a8bcb240b586ELSA-2023-12326exadata_dbserver_12.1.2.3.2_x86_64_base
openssl-1.0.1e-48.el6_8.1.x86_64.rpm5aeb3ddf640c49fe5416a9185f566441ff7834168f56b04e4595a8bcb240b586ELSA-2023-12326ol6_u8_x86_64_patch
openssl-1.0.1e-48.el6_8.1.x86_64.rpm5aeb3ddf640c49fe5416a9185f566441ff7834168f56b04e4595a8bcb240b586ELSA-2023-12326ol6_x86_64_latest_archive
openssl-devel-1.0.1e-48.el6_8.1.i686.rpmedc6b2b421196af0f6a35848cb36c6ccc184b530519519d5fa01cfea005b476bELSA-2023-12326ol6_u8_x86_64_patch
openssl-devel-1.0.1e-48.el6_8.1.i686.rpmedc6b2b421196af0f6a35848cb36c6ccc184b530519519d5fa01cfea005b476bELSA-2023-12326ol6_x86_64_latest_archive
openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpma73265aea97646ad7bd18977bcbb8c5df6b1eaa61d7a8a913a504767dcadf00fELSA-2023-12326ol6_u8_x86_64_patch
openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpma73265aea97646ad7bd18977bcbb8c5df6b1eaa61d7a8a913a504767dcadf00fELSA-2023-12326ol6_x86_64_latest_archive
openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm72b14887aa735255f57527ca3df3d7377dcce4925550ddfa115b3346bd6ed016ELSA-2023-12326ol6_u8_x86_64_patch
openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm72b14887aa735255f57527ca3df3d7377dcce4925550ddfa115b3346bd6ed016ELSA-2023-12326ol6_x86_64_latest_archive
openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm1542c152f638e5446bc6b417d47a8a2aae5b26d10474c99c9eeecfa7490523b5ELSA-2023-12326ol6_u8_x86_64_patch
openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm1542c152f638e5446bc6b417d47a8a2aae5b26d10474c99c9eeecfa7490523b5ELSA-2023-12326ol6_x86_64_latest_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete