RHSA-2014:0679High
Red Hat Security Advisory: openssl security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2010-5298 — openssl: freelist misuse causing a possible use-after-free CVE-2014-0195 — openssl: Buffer overflow via DTLS invalid fragment CVE-2014-0198 — openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() CVE-2014-0221 — openssl: DoS when sending invalid DTLS handshake CVE-2014-0224 — openssl: SSL/TLS MITM vulnerability CVE-2014-3470 — openssl: client-side denial of service when using anonymous ECDH
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2014:0679
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/site/articles/904433
- externalhttps://access.redhat.com/site/solutions/905793
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087195
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1093837
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1103586
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1103593
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1103598
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1103600
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0679.json