OracleVM 3.2 : openssl (OVMSA-2016-0141)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2182 - possible buffer overflow in BNbn2dec - fix CVE-2016-6306 - certificate messag...

USN-3087-2 openssl regression

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Statu...