exploitDog

ELSA-2016-1940

Опубликовано: 27 сент. 2016

Источник: oracle-oval

Платформа: Oracle Linux 6

Платформа: Oracle Linux 7

Описание

ELSA-2016-1940: openssl security update (IMPORTANT)

[1.0.1e-48.3]

fix CVE-2016-2177 - possible integer overflow
fix CVE-2016-2178 - non-constant time DSA operations
fix CVE-2016-2179 - further DoS issues in DTLS
fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()
fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue
fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()
fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check
fix CVE-2016-6304 - unbound memory growth with OCSP status request
fix CVE-2016-6306 - certificate message OOB reads
mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to 112 bit effective strength
replace expired testing certificates

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

openssl

1.0.1e-48.el6_8.3

openssl-devel

1.0.1e-48.el6_8.3

openssl-perl

1.0.1e-48.el6_8.3

openssl-static

1.0.1e-48.el6_8.3

Oracle Linux i686

openssl

1.0.1e-48.el6_8.3

openssl-devel

1.0.1e-48.el6_8.3

openssl-perl

1.0.1e-48.el6_8.3

openssl-static

1.0.1e-48.el6_8.3

Oracle Linux 7

Oracle Linux x86_64

openssl

1.0.1e-51.el7_2.7

openssl-devel

1.0.1e-51.el7_2.7

openssl-libs

1.0.1e-51.el7_2.7

openssl-perl

1.0.1e-51.el7_2.7

openssl-static

1.0.1e-51.el7_2.7

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2016-3621

oracle-oval

больше 8 лет назад

ELSA-2016-3621: openssl security update (IMPORTANT)

openSUSE-SU-2016:2407-1

suse-cvrf

больше 8 лет назад

Security update for openssl

SUSE-SU-2016:2469-1

suse-cvrf

больше 8 лет назад

Security update for openssl1

SUSE-SU-2016:2394-1

suse-cvrf

больше 8 лет назад

Security update for openssl

SUSE-SU-2016:2387-1

suse-cvrf

больше 8 лет назад

Security update for openssl