Lucene search

K
oraclelinuxOracleELSA-2015-0066
HistoryJan 20, 2015 - 12:00 a.m.

openssl security update

2015-01-2000:00:00
Oracle
linux.oracle.com
20

0.965 High

EPSS

Percentile

99.5%

[1.0.1e-34.7]

  • fix CVE-2014-3570 - incorrect computation in BN_sqr()
  • fix CVE-2014-3571 - possible crash in dtls1_get_record()
  • fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state
  • fix CVE-2014-8275 - various certificate fingerprint issues
  • fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
    ciphersuites and on server
  • fix CVE-2015-0205 - do not allow unauthenticated client DH certificate
  • fix CVE-2015-0206 - possible memory leak when buffering DTLS records