Stay Connected:

ELSA-2016-3556

ELSA-2016-3556 - openssl security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2016-05-09

Description


[1.0.1e-51.5]
- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf

[1.0.1e-51.4]
- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn

[1.0.1e-51.3]
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

[1.0.1e-51.2]
- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2

[1.0.1e-51.1]
- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - race condition when handling PSK identity hint


Related CVEs


CVE-2016-2109
CVE-2016-2107
CVE-2016-2106
CVE-2016-2108
CVE-2016-2842
CVE-2016-0799
CVE-2016-2105

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) openssl-1.0.1e-51.ksplice1.el7_2.5.src.rpm26bc22e644b798afcfe74867919396bb6d3bdeac25815b37bcf15ceb808522fcELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-1.0.1e-51.ksplice1.el7_2.5.x86_64.rpmb990e25eebceefcc31a3c5219999d12b63735973a43d5320efa6cf6350539cb1ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-devel-1.0.1e-51.ksplice1.el7_2.5.i686.rpm7dff9fcf4bfc53da5fb3df05bfe583ac8e4df9ac11285b6769b40e9976db6c02ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-devel-1.0.1e-51.ksplice1.el7_2.5.x86_64.rpmbb0a4f884f856a553b2860c94ed58d5e5fcb41a071f69dd32019d23cbd7fd2b6ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-libs-1.0.1e-51.ksplice1.el7_2.5.i686.rpm6f3831fef7dfb69b037ec81b59ffabf0dc64f922b5761a60a2f0d055bb6fb7d7ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-libs-1.0.1e-51.ksplice1.el7_2.5.x86_64.rpm7807528c68b41e02d17b298728635ee51020aa888f935725e52aa199c8d306f5ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-perl-1.0.1e-51.ksplice1.el7_2.5.x86_64.rpm7e9eb4db4fafb255d2f83ebf128cd49fcf56235b15e0de665d334a4832bbec11ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-static-1.0.1e-51.ksplice1.el7_2.5.i686.rpmdffe3a7d5245a8a24fe82bec9ca3a99b0876b39c7391595a6bb9f115586fa7bcELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-static-1.0.1e-51.ksplice1.el7_2.5.x86_64.rpm2307a9ef6254231749c893a3b1a957aad8f8a19a5170facd6dc83207849edb3eELSA-2017-3518ol7_x86_64_userspace_ksplice



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights