[El-errata] ELSA-2007-0964 Important: Enterprise Linux 5 openssl security update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Fri Oct 12 20:39:41 PDT 2007


Enterprise Linux Security Advisory ELSA-2007-0964

https://rhn.redhat.com/errata/RHSA-2007-0964.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
openssl-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-0.9.8b-8.3.el5_0.2.i686.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-perl-0.9.8b-8.3.el5_0.2.i386.rpm

x86_64:
openssl-0.9.8b-8.3.el5_0.2.i686.rpm
openssl-0.9.8b-8.3.el5_0.2.x86_64.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.x86_64.rpm
openssl-perl-0.9.8b-8.3.el5_0.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/openssl-0.9.8b-8.3.el5_0.2.src.rpm

Description of changes:

[0.9.8b-8.3.2]
- more DTLS fixes (#321211)

[0.9.8b-8.3.1]
- fix CVE-2007-3108 - side channel attack on private keys (#322891)
- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309871)
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321211)




More information about the El-errata mailing list