Описание
ELSA-2009-0004: openssl security update (IMPORTANT)
openssl:
[0.9.8b-10.1]
- fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
openssl097a:
[0.9.7a-9.1]
- CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
openssl097a
0.9.7a-9.el5_2.1
Oracle Linux x86_64
openssl
0.9.8b-10.el5_2.1
openssl-devel
0.9.8b-10.el5_2.1
openssl-perl
0.9.8b-10.el5_2.1
openssl097a
0.9.7a-9.el5_2.1
Oracle Linux i386
openssl
0.9.8b-10.el5_2.1
openssl-devel
0.9.8b-10.el5_2.1
openssl-perl
0.9.8b-10.el5_2.1
openssl097a
0.9.7a-9.el5_2.1
Связанные CVE
Связанные уязвимости
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
OpenSSL 0.9.8i and earlier does not properly check the return value fr ...
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.