ELSA-2014-1653

Опубликовано: 16 окт. 2014

Источник: oracle-oval

Платформа: Oracle Linux 5

Описание

ELSA-2014-1653: openssl security update (MODERATE)

[0.9.8e-31]

add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3)

[0.9.8e-30]

fix CVE-2014-0221 - recursion in DTLS code leading to DoS
fix CVE-2014-3505 - doublefree in DTLS packet processing
fix CVE-2014-3506 - avoid memory exhaustion in DTLS
fix CVE-2014-3508 - fix OID handling to avoid information leak
fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS

[0.9.8e-29]

fix for CVE-2014-0224 - SSL/TLS MITM vulnerability

[0.9.8e-28]

replace expired GlobalSign Root CA certificate in ca-bundle.crt

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

openssl

0.9.8e-31.el5_11

openssl-devel

0.9.8e-31.el5_11

openssl-perl

0.9.8e-31.el5_11

Oracle Linux x86_64

openssl

0.9.8e-31.el5_11

openssl-devel

0.9.8e-31.el5_11

openssl-perl

0.9.8e-31.el5_11

Oracle Linux i386

openssl

0.9.8e-31.el5_11

openssl-devel

0.9.8e-31.el5_11

openssl-perl

0.9.8e-31.el5_11

Ссылки на источники

https://linux.oracle.com/errata/ELSA-2014-1653.html

Связанные уязвимости

openSUSE-SU-2025:0153-1

suse-cvrf

4 месяца назад

Security update for git-lfs

openSUSE-SU-2025:0152-1

suse-cvrf

4 месяца назад

Security update for kanidm

openSUSE-SU-2025:0148-1

suse-cvrf

4 месяца назад

Security update for chromium

openSUSE-SU-2025:0147-1

suse-cvrf

4 месяца назад

Security update for mozjs102

openSUSE-SU-2025:0145-1

suse-cvrf

4 месяца назад

Security update for chromium