Important openssl security update

2006-11-30T00:00:00
ID ELSA-2006-0695
Type oraclelinux
Reporter Oracle
Modified 2006-11-30T00:00:00

Description

[0.9.7a-43.14] - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) - fix CVE-2006-2940 - parasitic public keys DoS (#207274) - fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940) - fix CVE-2006-4343 - sslv2 client DoS (#206940)

[0.9.7a-43.11] - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180) - don't overwrite customized ca-bundle.pem on upgrade (#175811)