Oval Definition:
oval:org.mitre.oval:def:21649
Revision Date
:
2014-02-24
Version
:
6
Title
:
RHSA-2011:1409: openssl security update (Moderate)
Description
:
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2011-3207
RHSA-2011:1409-01
Platform(s)
:
Red Hat Enterprise Linux 6
Product(s)
:
openssl
Definition Synopsis
The operating system installed on the system is Red Hat Enterprise Linux 6
AND
Packages section
openssl-devel is earlier than 0:1.0.0-10.el6_1.5
OR
openssl-static is earlier than 0:1.0.0-10.el6_1.5
OR
openssl-perl is earlier than 0:1.0.0-10.el6_1.5
OR
openssl is earlier than 0:1.0.0-10.el6_1.5
BACK