OVMSA-2015-0039 - openssl security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2015-03-24 |
Description
[1.0.1e-30.7]
- update fix for CVE-2015-0287 to what was released upstream
[1.0.1e-30.6]
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | openssl-1.0.1e-30.el6_6.7.src.rpm | 16b0eb6d0424ff697da4338de9858e59d47b4983225fb108ed11435f27353aeb | OVMSA-2023-0013 | ovm3_x86_64_3.3_patch |
| openssl-1.0.1e-30.el6_6.7.x86_64.rpm | ba99141cbf28d7c46acfe30111338f3035011691bb309e27ec49e6e456a01a06 | OVMSA-2023-0013 | ovm3_x86_64_3.3_patch |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
