SUSE CVE-2011-0014

ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...

Fedora 13 : openssl-1.0.0d-1.fc13 (2011-1255)

This is update to a new upstream release that fixes CVE-2011-0014 - OCSP stapling vulnerability. There are also changes updating the FIPS validation related code that should not affect in any way operation of the OpenSSL library in the non-FIPS mode. Note that Tenable Network Security has extract...

CVE-2011-0014

ssl/t1lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service crash, and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access,...

[slackware-security] openssl

New openssl packages are available for 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/openssl-0.9.8r-i486-1slack13.1.txz: Upgraded. This OpenSSL update fixes an "OCSP stapling vulnerability". For...