[Oraclevm-errata] OVMSA-2019-0040 Important: Oracle VM 3.4 openssl security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Aug 15 09:07:05 PDT 2019

Oracle VM Security Advisory OVMSA-2019-0040

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Oracle bug 28730228: backport CVE-2018-0732
- Oracle bug 28758493: backport CVE-2018-0737
- Merge upstream patch to fix CVE-2018-0739
- Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz
- sha256 is used for the RSA pairwise consistency test instead of sha1

- fix CVE-2019-1559 - 0-byte record padding oracle

More information about the Oraclevm-errata mailing list