ELSA-2016-1137

ULN >
Oracle Linux Errata repository >
ELSA-2016-1137

ELSA-2016-1137 - openssl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2016-05-31

Description

[0.9.8e-40.0.1]
- To disable SSLv2 client connections create the file
/etc/sysconfig/openssl-ssl-client-kill-sslv2 (John Haxby) [orabug 21673934]
- Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]
- fix CVE-2014-3570 - Bignum squaring may produce incorrect results
- fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
- fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]

[0.9.8e-40]
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder

Related CVEs

CVE-2016-2108

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 5 (i386)	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-0.9.8e-40.0.1.el5_11.i386.rpm	c104446f06ed69f1548706a9713126f991440facfb791d483e6debad395e2de2	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-40.0.1.el5_11.i386.rpm	c104446f06ed69f1548706a9713126f991440facfb791d483e6debad395e2de2	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_i386_latest
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-devel-0.9.8e-40.0.1.el5_11.i386.rpm	c2932ac059866f6836f47ab2b8b8b539432eaf72e0d798c39450aba938bbe55e	ELEA-2017-1391	ol5_i386_latest
	openssl-devel-0.9.8e-40.0.1.el5_11.i386.rpm	c2932ac059866f6836f47ab2b8b8b539432eaf72e0d798c39450aba938bbe55e	ELEA-2017-1391	ol5_u11_i386_patch
	openssl-perl-0.9.8e-40.0.1.el5_11.i386.rpm	78e4d3cb8bb9110f04bb723290d3213ed7bcf7bb8efc7ada7c56730df52c3eb8	ELEA-2017-1391	ol5_i386_latest
	openssl-perl-0.9.8e-40.0.1.el5_11.i386.rpm	78e4d3cb8bb9110f04bb723290d3213ed7bcf7bb8efc7ada7c56730df52c3eb8	ELEA-2017-1391	ol5_u11_i386_patch

Oracle Linux 5 (ia64)	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-0.9.8e-40.0.1.el5_11.ia64.rpm	92ef8afa558040f2a6c4513b801797a62c947f2fc5d6e79b43e7bdc29ef58587	ELEA-2017-1391	ol5_ia64_latest
	openssl-0.9.8e-40.0.1.el5_11.ia64.rpm	92ef8afa558040f2a6c4513b801797a62c947f2fc5d6e79b43e7bdc29ef58587	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-devel-0.9.8e-40.0.1.el5_11.ia64.rpm	bc9e524201b71431b559a362853a345d85f59396be7a1c3a9568df2a269c2805	ELEA-2017-1391	ol5_ia64_latest
	openssl-devel-0.9.8e-40.0.1.el5_11.ia64.rpm	bc9e524201b71431b559a362853a345d85f59396be7a1c3a9568df2a269c2805	ELEA-2017-1391	ol5_u11_ia64_patch
	openssl-perl-0.9.8e-40.0.1.el5_11.ia64.rpm	7f692c5eebfbfb9a6258ba2e108b1f535ecb0d0401595950edbf4902cb00268e	ELEA-2017-1391	ol5_ia64_latest
	openssl-perl-0.9.8e-40.0.1.el5_11.ia64.rpm	7f692c5eebfbfb9a6258ba2e108b1f535ecb0d0401595950edbf4902cb00268e	ELEA-2017-1391	ol5_u11_ia64_patch

Oracle Linux 5 (x86_64)	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-40.0.1.el5_11.src.rpm	5d7d83808e217174504a5001a3cb28745704f4b6b8cb0712e30c0877b2c268d0	ELEA-2017-1391	ol5_x86_64_latest
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-40.0.1.el5_11.i686.rpm	c231a56dcf91cf92acb914be7d9068139134cd5056c1c67ec94fe0982c3200f1	ELEA-2017-1391	ol5_x86_64_latest
	openssl-0.9.8e-40.0.1.el5_11.x86_64.rpm	23e3bc307a603cc4fd3b16ab43b670e84655b54664d3d34f3570cfacab323df8	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-0.9.8e-40.0.1.el5_11.x86_64.rpm	23e3bc307a603cc4fd3b16ab43b670e84655b54664d3d34f3570cfacab323df8	ELEA-2017-1391	ol5_x86_64_latest
	openssl-devel-0.9.8e-40.0.1.el5_11.i386.rpm	c2932ac059866f6836f47ab2b8b8b539432eaf72e0d798c39450aba938bbe55e	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-devel-0.9.8e-40.0.1.el5_11.i386.rpm	c2932ac059866f6836f47ab2b8b8b539432eaf72e0d798c39450aba938bbe55e	ELEA-2017-1391	ol5_x86_64_latest
	openssl-devel-0.9.8e-40.0.1.el5_11.x86_64.rpm	fa74d93a6ab3cbdb1b10bc916e853be1dc8a8b274342952c76acdb126e3a031b	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-devel-0.9.8e-40.0.1.el5_11.x86_64.rpm	fa74d93a6ab3cbdb1b10bc916e853be1dc8a8b274342952c76acdb126e3a031b	ELEA-2017-1391	ol5_x86_64_latest
	openssl-perl-0.9.8e-40.0.1.el5_11.x86_64.rpm	0d10f2e707f0cafbc31bfd7b2d86a1d192db211cb41a9bd6496545aa37519638	ELEA-2017-1391	ol5_u11_x86_64_patch
	openssl-perl-0.9.8e-40.0.1.el5_11.x86_64.rpm	0d10f2e707f0cafbc31bfd7b2d86a1d192db211cb41a9bd6496545aa37519638	ELEA-2017-1391	ol5_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691