Oval Definition:	oval:org.mitre.oval:def:28514
Revision Date: 2015-08-17 Version: 9 Title: RHSA-2015:0800 -- openssl security update (Moderate) Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)and Transport Layer Security (TLS v1) protocols, as well as afull-strength, general purpose cryptography library.It was discovered that OpenSSL would accept ephemeral RSA keys when usingnon-export RSA cipher suites. A malicious server could make a TLS/SSLclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204) Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2015:0800 CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 RHSA-2015:0800 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): openssl Definition Synopsis Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND openssl-debuginfo is earlier than 0:0.9.8e-33.el5_11 Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND Packages match section openssl-devel is earlier than 0:0.9.8e-33.el5_11 OR openssl is earlier than 0:0.9.8e-33.el5_11 OR openssl-perl is earlier than 0:0.9.8e-33.el5_11
BACK