OVMSA-2014-0040 - openssl security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2014-11-05 |
Description
[0.9.8e-31]
- add support for fallback SCSV to partially mitigate CVE-2014-3566
(padding attack on SSL3)
[0.9.8e-30]
- fix CVE-2014-0221 - recursion in DTLS code leading to DoS
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid information leak
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
[0.9.8e-29]
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability
[0.9.8e-28]
- replace expired GlobalSign Root CA certificate in ca-bundle.crt
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 2.2 (i386) | openssl-0.9.8e-31.el5_11.src.rpm | 2fd5571dd65ec5bc009804846244d3d8 | OVMSA-2021-0011 |
| openssl-0.9.8e-31.el5_11.i386.rpm | 71a8071f5d162e576e9264f03426b9c3 | OVMSA-2021-0011 |
| openssl-0.9.8e-31.el5_11.i686.rpm | 72edfaf9d0a63546f535738e1117d4d8 | OVMSA-2021-0011 |
|
| Oracle VM 3.2 (x86_64) | openssl-0.9.8e-31.el5_11.src.rpm | 2fd5571dd65ec5bc009804846244d3d8 | OVMSA-2021-0011 |
| openssl-0.9.8e-31.el5_11.i686.rpm | 72edfaf9d0a63546f535738e1117d4d8 | OVMSA-2021-0011 |
| openssl-0.9.8e-31.el5_11.x86_64.rpm | 38451584fab655c73bb1e9c6ee760050 | OVMSA-2021-0011 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
