Oval Definition:oval:org.mitre.oval:def:27233
Revision Date:2015-02-23Version:13
Title:ELSA-2014-1052 -- openssl security update (moderate)
Description:[1.0.1e-34.4] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3505
CVE-2014-3506
CVE-2014-3507
CVE-2014-3508
CVE-2014-3509
CVE-2014-3510
CVE-2014-3511
ELSA-2014-1052
Platform(s):Oracle Linux 6
Oracle Linux 7
Product(s):openssl
Definition Synopsis
  • Oracle Linux 6 release section
  • Oracle Linux 6.x
  • AND Packages match section
  • openssl is earlier than 0:1.0.1e-16.el6_5.15
  • OR openssl-devel is earlier than 0:1.0.1e-16.el6_5.15
  • OR openssl-perl is earlier than 0:1.0.1e-16.el6_5.15
  • OR openssl-static is earlier than 0:1.0.1e-16.el6_5.15
  • Oracle Linux 7 release section
  • Oracle Linux 7.x
  • AND Packages match section
  • openssl is earlier than 1:1.0.1e-34.el7_0.4
  • OR openssl-devel is earlier than 1:1.0.1e-34.el7_0.4
  • OR openssl-libs is earlier than 1:1.0.1e-34.el7_0.4
  • OR openssl-perl is earlier than 1:1.0.1e-34.el7_0.4
  • OR openssl-static is earlier than 1:1.0.1e-34.el7_0.4
    • BACK