Lucene search

K
debianDebianDEBIAN:DLA-33-1:85002
HistoryAug 07, 2014 - 8:36 p.m.

[DLA 33-1] openssl security update

2014-08-0720:36:09
lists.debian.org
15

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.47 Medium

EPSS

Percentile

97.4%

Package : openssl
Version : 0.9.8o-4squeeze17
CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508
CVE-2014-3510

Detailed descriptions of the vulnerabilities can be found at:
https://www.openssl.org/news/secadv_20140806.txt

It's important that you upgrade the libssl0.9.8 package and not just
the openssl package.

All applications linked to openssl need to be restarted. You can use
the "checkrestart" tool from the debian-goodies package to detect
affected programs. Alternatively, you may reboot your system.

Attachment:
signature.asc
Description: Digital signature

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.47 Medium

EPSS

Percentile

97.4%