ELSA-2015-1115

Опубликовано: 15 июн. 2015

Источник: oracle-oval

Платформа: Oracle Linux 6

Платформа: Oracle Linux 7

Описание

ELSA-2015-1115: openssl security update (MODERATE)

[1.0.1e-42.8]

improved fix for CVE-2015-1791
add missing parts of CVE-2015-0209 fix for corectness although unexploitable

[1.0.1e-42.7]

fix CVE-2014-8176 - invalid free in DTLS buffering code
fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
fix CVE-2015-1791 - race condition handling NewSessionTicket
fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function
fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on read in multithreaded applications

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

openssl

1.0.1e-30.el6_6.11

openssl-devel

1.0.1e-30.el6_6.11

openssl-perl

1.0.1e-30.el6_6.11

openssl-static

1.0.1e-30.el6_6.11

Oracle Linux i686

openssl

1.0.1e-30.el6_6.11

openssl-devel

1.0.1e-30.el6_6.11

openssl-perl

1.0.1e-30.el6_6.11

openssl-static

1.0.1e-30.el6_6.11

Oracle Linux 7

Oracle Linux x86_64

openssl

1.0.1e-42.el7_1.8

openssl-devel

1.0.1e-42.el7_1.8

openssl-libs

1.0.1e-42.el7_1.8

openssl-perl

1.0.1e-42.el7_1.8

openssl-static

1.0.1e-42.el7_1.8

Связанные CVE

Ссылки на источники

Связанные уязвимости

SUSE-SU-2015:1150-1

suse-cvrf

около 10 лет назад

Security update for compat-openssl098

SUSE-SU-2015:1143-1

suse-cvrf

около 10 лет назад

Security update for openssl

SUSE-SU-2015:1182-2

suse-cvrf

почти 11 лет назад

Security update for OpenSSL

SUSE-SU-2015:0545-2

suse-cvrf

почти 11 лет назад

Security update for OpenSSL

SUSE-SU-2015:1184-2

suse-cvrf

больше 12 лет назад

Security update for OpenSSL