openssl security update

2015-06-30T00:00:00
ID ELSA-2015-1197
Type oraclelinux
Reporter Oracle
Modified 2015-06-30T00:00:00

Description

[0.9.8e-36.0.1] - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893] - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client] [0.9.8e-36] - also change the default DH parameters in s_server to 1024 bits [0.9.8e-35] - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future)