Description
ELSA-2009-1335: openssl security, bug fix, and enhancement update (MODERATE)
[0.9.8e-12]
- abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS
[0.9.8e-10]
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems) (#503685, #503688)
[0.9.8e-9]
- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 (DTLS DoS problems) (#501253, #501254, #501572)
[0.9.8e-8]
- support multiple CRLs with same subject in a store (#457134)
- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)
- seed FIPS rng directly from kernel random device
- do not require fipscheck to build the package (#475798)
- call pairwise key tests in FIPS mode only (#479817)
- do not crash when parsing bad mime data (#472440)
Updated packages
Oracle Linux 5
Oracle Linux ia64
- openssl 0.9.8e-12.el5
- openssl-devel 0.9.8e-12.el5
- openssl-perl 0.9.8e-12.el5
Oracle Linux x86_64
- openssl 0.9.8e-12.el5
- openssl-devel 0.9.8e-12.el5
- openssl-perl 0.9.8e-12.el5
Oracle Linux i386
- openssl 0.9.8e-12.el5
- openssl-devel 0.9.8e-12.el5
- openssl-perl 0.9.8e-12.el5
References
Related vulnerabilities
Vulnerabilities in the Gentoo Linux operating system that allow a remote attacker to compromise the integrity and availability of protected information
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ...