Oval Definition:
oval:org.mitre.oval:def:27233
Revision Date
:
2015-02-23
Version
:
13
Title
:
ELSA-2014-1052 -- openssl security update (moderate)
Description
:
[1.0.1e-34.4] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2014-3505
CVE-2014-3506
CVE-2014-3507
CVE-2014-3508
CVE-2014-3509
CVE-2014-3510
CVE-2014-3511
ELSA-2014-1052
Platform(s)
:
Oracle Linux 6
Oracle Linux 7
Product(s)
:
openssl
Definition Synopsis
Oracle Linux 6 release section
Oracle Linux 6.x
AND
Packages match section
openssl is earlier than 0:1.0.1e-16.el6_5.15
OR
openssl-devel is earlier than 0:1.0.1e-16.el6_5.15
OR
openssl-perl is earlier than 0:1.0.1e-16.el6_5.15
OR
openssl-static is earlier than 0:1.0.1e-16.el6_5.15
Oracle Linux 7 release section
Oracle Linux 7.x
AND
Packages match section
openssl is earlier than 1:1.0.1e-34.el7_0.4
OR
openssl-devel is earlier than 1:1.0.1e-34.el7_0.4
OR
openssl-libs is earlier than 1:1.0.1e-34.el7_0.4
OR
openssl-perl is earlier than 1:1.0.1e-34.el7_0.4
OR
openssl-static is earlier than 1:1.0.1e-34.el7_0.4
BACK