OVMSA-2014-0040
- ULN >
- Oracle Linux Errata repository >
- OVMSA-2014-0040
OVMSA-2014-0040 - openssl security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2014-11-05 |
Description
[0.9.8e-31]
- add support for fallback SCSV to partially mitigate CVE-2014-3566
(padding attack on SSL3)
[0.9.8e-30]
- fix CVE-2014-0221 - recursion in DTLS code leading to DoS
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid information leak
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
[0.9.8e-29]
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability
[0.9.8e-28]
- replace expired GlobalSign Root CA certificate in ca-bundle.crt
Related CVEs
| CVE-2014-3566 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle VM 2.2 (i386) | openssl-0.9.8e-31.el5_11.src.rpm | 3b6ef3a34c26652b300e494d7cabf4a627193d6de180b67789b3adda1e2901c2 | OVMSA-2023-0013 | ovm22_i386_latest |
| openssl-0.9.8e-31.el5_11.i386.rpm | 725fd50b01f4ea4654a41d86ac82beaba68930700ca72784853342a761c27bfc | OVMSA-2023-0013 | ovm22_i386_latest | |
| openssl-0.9.8e-31.el5_11.i686.rpm | f98087cb0318289fddcddc168fa80fec3fc77a5b9be2cb2bebbc863c5707a445 | OVMSA-2023-0013 | ovm22_i386_latest | |
| Oracle VM 3.2 (x86_64) | openssl-0.9.8e-31.el5_11.src.rpm | 3b6ef3a34c26652b300e494d7cabf4a627193d6de180b67789b3adda1e2901c2 | OVMSA-2023-0013 | ovm3_3.2.1_x86_64_patch |
| openssl-0.9.8e-31.el5_11.i686.rpm | f98087cb0318289fddcddc168fa80fec3fc77a5b9be2cb2bebbc863c5707a445 | OVMSA-2023-0013 | ovm3_3.2.1_x86_64_patch | |
| openssl-0.9.8e-31.el5_11.x86_64.rpm | 405e7bda1ab098ee91493d631e5777bad1a58d46fc754a6ad954b5645ac449f1 | OVMSA-2023-0013 | ovm3_3.2.1_x86_64_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
