openssl security update

2015-02-26T00:00:00
ID ELSA-2015-3010
Type oraclelinux
Reporter Oracle
Modified 2015-02-26T00:00:00

Description

[0.9.8e-32.0.1] - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893] - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client] - fix CVE-2014-8275 - Certificate fingerprints can be modified - fix CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]