[El-errata] ELSA-2016-0372 Important: Oracle Linux 6 openssl098e security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Mar 9 12:01:07 PST 2016


Oracle Linux Security Advisory ELSA-2016-0372

http://linux.oracle.com/errata/ELSA-2016-0372.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
openssl098e-0.9.8e-20.0.1.el6_7.1.i686.rpm

x86_64:
openssl098e-0.9.8e-20.0.1.el6_7.1.i686.rpm
openssl098e-0.9.8e-20.0.1.el6_7.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/openssl098e-0.9.8e-20.0.1.el6_7.1.src.rpm



Description of changes:

[0.9.8e-20.0.1.1]
- Updated the description

[0.9.8e-20.1]
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

[0.9.8e-20]
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability





More information about the El-errata mailing list