Oval Definition:oval:com.redhat.rhsa:def:20111409
Revision Date:2011-10-26Version:636
Title:RHSA-2011:1409: openssl security update (Moderate)
Description:OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

  • An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List (CRL) checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. (CVE-2011-3207)

    All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-3207
    CVE-2011-3207
    RHSA-2011:1409
    RHSA-2011:1409-01
    RHSA-2011:1409-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • openssl is earlier than 0:1.0.0-10.el6_1.5
  • AND openssl is signed with Red Hat redhatrelease2 key
  • openssl-devel is earlier than 0:1.0.0-10.el6_1.5
  • AND openssl-devel is signed with Red Hat redhatrelease2 key
  • openssl-perl is earlier than 0:1.0.0-10.el6_1.5
  • AND openssl-perl is signed with Red Hat redhatrelease2 key
  • openssl-static is earlier than 0:1.0.0-10.el6_1.5
  • AND openssl-static is signed with Red Hat redhatrelease2 key
    • BACK