4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.47 Medium
EPSS
Percentile
97.4%
Package : openssl
Version : 0.9.8o-4squeeze17
CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508
CVE-2014-3510
Detailed descriptions of the vulnerabilities can be found at:
https://www.openssl.org/news/secadv_20140806.txt
It's important that you upgrade the libssl0.9.8 package and not just
the openssl package.
All applications linked to openssl need to be restarted. You can use
the "checkrestart" tool from the debian-goodies package to detect
affected programs. Alternatively, you may reboot your system.
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | sparc | libssl-dev | < 1.0.1e-2+deb7u12 | libssl-dev_1.0.1e-2+deb7u12_sparc.deb |
Debian | 7 | s390x | libssl1.0.0 | < 1.0.1e-2+deb7u12 | libssl1.0.0_1.0.1e-2+deb7u12_s390x.deb |
Debian | 7 | ia64 | libssl1.0.0 | < 1.0.1e-2+deb7u12 | libssl1.0.0_1.0.1e-2+deb7u12_ia64.deb |
Debian | 7 | s390 | libssl-dev | < 1.0.1e-2+deb7u12 | libssl-dev_1.0.1e-2+deb7u12_s390.deb |
Debian | 7 | kfreebsd-i386 | libssl1.0.0-dbg | < 1.0.1e-2+deb7u12 | libssl1.0.0-dbg_1.0.1e-2+deb7u12_kfreebsd-i386.deb |
Debian | 6 | i386 | openssl | < 0.9.8o-4squeeze17 | openssl_0.9.8o-4squeeze17_i386.deb |
Debian | 7 | s390 | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_s390.deb |
Debian | 7 | sparc | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_sparc.deb |
Debian | 7 | sparc | libssl1.0.0 | < 1.0.1e-2+deb7u12 | libssl1.0.0_1.0.1e-2+deb7u12_sparc.deb |
Debian | 7 | ia64 | libssl1.0.0-dbg | < 1.0.1e-2+deb7u12 | libssl1.0.0-dbg_1.0.1e-2+deb7u12_ia64.deb |