[Oraclevm-errata] OVMSA-2015-0065 Moderate: Oracle VM 3.3 openssl security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Jun 4 15:53:12 PDT 2015

Oracle VM Security Advisory OVMSA-2015-0065

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
   the DH key size to at least 768 bits (limit will be increased in future)

- drop the AES-GCM restriction of 2^32 operations because the IV is
   always 96 bits (32 bit fixed field + 64 bit invocation field)

More information about the Oraclevm-errata mailing list