ELSA-2011-0677

Published: May 28, 2011
Source: oracle-oval
Platform: Oracle Linux 6

Description

ELSA-2011-0677: openssl security, bug fix, and enhancement update (MODERATE)

[1.0.0-10]

  • fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)
  • correct the README.FIPS document

[1.0.0-8]

  • add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method
  • use FIPS-186-3 method for DSA parameter generation
  • add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable to allow using MD5 when the system is in the maintenance state even if the /proc fips flag is on
  • make openssl pkcs12 command work by default in the FIPS mode

[1.0.0-7]

  • listen on ipv6 wildcard in s_server so we accept connections from both ipv4 and ipv6 (#601612)
  • fix openssl speed command so it can be used in the FIPS mode with FIPS allowed ciphers (#619762)

[1.0.0-6]

  • disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304)

[1.0.0-5]

  • fix race in extension parsing code - CVE-2010-3864 (#649304)

Updated packages

Oracle Linux 6

Oracle Linux x86_64

  • openssl 1.0.0-10.el6
  • openssl-devel 1.0.0-10.el6
  • openssl-perl 1.0.0-10.el6
  • openssl-static 1.0.0-10.el6

Oracle Linux i686

  • openssl 1.0.0-10.el6
  • openssl-devel 1.0.0-10.el6
  • openssl-perl 1.0.0-10.el6
  • openssl-static 1.0.0-10.el6

Related CVEs

Related vulnerabilities

ubuntu
more than 14 years ago

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

redhat
more than 14 years ago

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

nvd
more than 14 years ago

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

debian
more than 14 years ago

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...

github
about 3 years ago

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."