Lucene search

K
oraclelinuxOracleELSA-2015-3010
HistoryFeb 26, 2015 - 12:00 a.m.

openssl security update

2015-02-2600:00:00
Oracle
linux.oracle.com
48

0.965 High

EPSS

Percentile

99.5%

[0.9.8e-32.0.1]

  • Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]
  • fix CVE-2014-3570 - Bignum squaring may produce incorrect results
  • fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
  • fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
  • fix CVE-2014-8275 - Certificate fingerprints can be modified
  • fix CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]