ELSA-2016-3558

ELSA-2016-3558 - openssl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2016-05-13

Description

[1.0.1e-48.1]
- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf

Related CVEs

CVE-2016-0799

CVE-2016-2109

CVE-2016-2842

CVE-2016-2108

CVE-2016-2106

CVE-2016-2107

CVE-2016-2105

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 6 (x86_64)	openssl-1.0.1e-48.ksplice1.el6_8.1.src.rpm	8fec74644c02a85db5f5cd235dfd7e2f5a45a75ee35a7aafbafab4e9a304e1b4	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-1.0.1e-48.ksplice1.el6_8.1.i686.rpm	8c085b2ec72961086feb88a1bbb636176b480f7914ff4abd96b5bc7734d9919c	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm	022dccc31a1da0fc22c4ddef0900876b8c2b4a8d607b4aa025f9090a15945d32	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-devel-1.0.1e-48.ksplice1.el6_8.1.i686.rpm	e935bd67f994ed0b50d5e335249863227aee0d16dd7eb529f1a813e9e9ded4f7	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-devel-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm	41a9f708249ca2b91bd3dfbc55c2424c3a2c97d33fa76914753146201823d8f3	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-perl-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm	ed308ab7c7d8f230a00b14070ae580df6851830b39fcb506d0d62c479f848901	ELSA-2023-12326	ol6_x86_64_userspace_ksplice
	openssl-static-1.0.1e-48.ksplice1.el6_8.1.x86_64.rpm	3e4ccad859dba235d00e23fc02842d4af040497ea9824d71a21e3ad3deb25a93	ELSA-2023-12326	ol6_x86_64_userspace_ksplice

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team