Oval Definition:oval:org.mitre.oval:def:22018
Revision Date:2014-06-30Version:51
Title:RHSA-2014:0015: openssl security update (Important)
Description:The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2014:0015
CVE-2013-4353
CVE-2013-6449
CVE-2013-6450
RHSA-2014:0015-00
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):openssl
Definition Synopsis
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • openssl-devel is earlier than 0:1.0.1e-16.el6_5.4
  • OR openssl is earlier than 0:1.0.1e-16.el6_5.4
  • OR openssl-perl is earlier than 0:1.0.1e-16.el6_5.4
  • OR openssl-static is earlier than 0:1.0.1e-16.el6_5.4
    • BACK