[El-errata] New openssl updates available via Ksplice (ELSA-2016-0008)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Jan 8 05:42:53 PST 2016
Synopsis: ELSA-2016-0008 can now be patched using Ksplice
CVEs: CVE-2015-7575
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2016-0008.
INSTALLING THE UPDATES
We recommend that all users of Ksplice on OL 7 install these updates.
You can install these updates by running:
# ksplice -y user upgrade
DESCRIPTION
* CVE-2015-7575: Server authentication bypass in TLS 1.2 (SLOTH).
A flaw in TLS 1.2 could allow an attacker to downgrade the signature hash
to the insecure MD5 hash algorithm, potentially allowing a
man-in-the-middle attack by taking advantage of hash collisions in MD5.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
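
Added example, not part of the Oracle advisory: a Python check that decodes the body of a TLS 1.2 signature_algorithms extension (RFC 5246, section 7.4.1.4.1) and flags any MD5-based pairs a peer advertises, MD5 being the hash the downgrade in CVE-2015-7575 depends on. The function names and the sample bytes are constructed for illustration.

```python
# Added example: decode a TLS 1.2 signature_algorithms extension body
# (RFC 5246, section 7.4.1.4.1) and flag MD5-based pairs.
# Function names and the sample bytes below are constructed for illustration.
import struct

# HashAlgorithm and SignatureAlgorithm code points from RFC 5246.
HASHES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
          4: "sha256", 5: "sha384", 6: "sha512"}
SIGNATURES = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
WEAK_HASHES = {"md5"}  # the hash the SLOTH downgrade depends on


def parse_signature_algorithms(ext_data: bytes):
    """Return [(hash, signature), ...] from the extension_data bytes."""
    if len(ext_data) < 2:
        raise ValueError("truncated: missing list length")
    (list_len,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    # The list is a sequence of 2-byte pairs and must fill the extension.
    if list_len != len(body) or list_len % 2:
        raise ValueError("malformed: bad list length")
    pairs = []
    for i in range(0, list_len, 2):
        h, s = body[i], body[i + 1]
        pairs.append((HASHES.get(h, f"unknown({h})"),
                      SIGNATURES.get(s, f"unknown({s})")))
    return pairs


def weak_pairs(ext_data: bytes):
    """Pairs a peer should not offer or accept for TLS 1.2 signatures."""
    return [p for p in parse_signature_algorithms(ext_data)
            if p[0] in WEAK_HASHES]


# Constructed sample: sha256/rsa, sha1/rsa, md5/rsa (6 bytes of pairs).
SAMPLE = bytes.fromhex("0006" "0401" "0201" "0101")

if __name__ == "__main__":
    for h, s in parse_signature_algorithms(SAMPLE):
        flag = "WEAK" if h in WEAK_HASHES else "ok"
        print(f"{h}+{s}: {flag}")
```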