DebianDEBIAN:DSA-2950-2:DC295[SECURITY] [DSA 2950-2] openssl update
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.97 High
EPSS
Percentile
99.7%
Debian Security Advisory DSA-2950-2 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
June 16, 2014 http://www.debian.org/security/faq
Package : openssl
CVE ID : CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470
This update updates the upstream fix for CVE-2014-0224 to address
problems with CCS which could result in problems with the Postgres
database.
In addition this update disables ZLIB compress by default. If you need
to re-enable it for some reason, you can set the environment variable
OPENSSL_NO_DEFAULT_ZLIB.
This update also fixes a header declaration which could result in
build failures in applications using OpenSSL.
For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u11.
We recommend that you upgrade your openssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | mips | libcrypto1.0.0-udeb | < 1.0.1e-2+deb7u10 | libcrypto1.0.0-udeb_1.0.1e-2+deb7u10_mips.deb |
| Debian | 6 | i386 | libssl0.9.8-dbg | < 0.9.8o-4squeeze15 | libssl0.9.8-dbg_0.9.8o-4squeeze15_i386.deb |
| Debian | 7 | armel | libssl1.0.0-dbg | < 1.0.1e-2+deb7u10 | libssl1.0.0-dbg_1.0.1e-2+deb7u10_armel.deb |
| Debian | 7 | sparc | libcrypto1.0.0-udeb | < 1.0.1e-2+deb7u10 | libcrypto1.0.0-udeb_1.0.1e-2+deb7u10_sparc.deb |
| Debian | 7 | s390 | openssl | < 1.0.1e-2+deb7u10 | openssl_1.0.1e-2+deb7u10_s390.deb |
| Debian | 6 | i386 | libcrypto0.9.8-udeb | < 0.9.8o-4squeeze15 | libcrypto0.9.8-udeb_0.9.8o-4squeeze15_i386.deb |
| Debian | 7 | ia64 | libssl1.0.0-dbg | < 1.0.1e-2+deb7u10 | libssl1.0.0-dbg_1.0.1e-2+deb7u10_ia64.deb |
| Debian | 6 | all | openssl | < 0.9.8o-4squeeze15 | openssl_0.9.8o-4squeeze15_all.deb |
| Debian | 7 | powerpc | openssl | < 1.0.1e-2+deb7u10 | openssl_1.0.1e-2+deb7u10_powerpc.deb |
| Debian | 6 | amd64 | libssl0.9.8 | < 0.9.8o-4squeeze15 | libssl0.9.8_0.9.8o-4squeeze15_amd64.deb |
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.97 High
EPSS
Percentile
99.7%