[El-errata] ELSA-2007-0964 Important: Enterprise Linux 5 openssl security update
el-errata at oss.oracle.com
el-errata at oss.oracle.com
Fri Oct 12 20:39:41 PDT 2007
Enterprise Linux Security Advisory ELSA-2007-0964
https://rhn.redhat.com/errata/RHSA-2007-0964.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
openssl-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-0.9.8b-8.3.el5_0.2.i686.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-perl-0.9.8b-8.3.el5_0.2.i386.rpm
x86_64:
openssl-0.9.8b-8.3.el5_0.2.i686.rpm
openssl-0.9.8b-8.3.el5_0.2.x86_64.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
openssl-devel-0.9.8b-8.3.el5_0.2.x86_64.rpm
openssl-perl-0.9.8b-8.3.el5_0.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/openssl-0.9.8b-8.3.el5_0.2.src.rpm
Description of changes:
[0.9.8b-8.3.2]
- more DTLS fixes (#321211)
[0.9.8b-8.3.1]
- fix CVE-2007-3108 - side channel attack on private keys (#322891)
- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309871)
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321211)
More information about the El-errata
mailing list