New Search

ELSA-2014-1052 -- openssl security update (moderate)

oval:org.mitre.oval:def:27233

[1.0.1e-34.4] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 6
  • Oracle Linux 7
Class:
patch
Reference(s):
  • ELSA-2014-1052
  • CVE-2014-3505
  • CVE-2014-3506
  • CVE-2014-3507
  • CVE-2014-3508
  • CVE-2014-3509
  • CVE-2014-3510
  • CVE-2014-3511
Product(s):
  • openssl