RHSA-2015:0800MediumCVSS 5.3
Red Hat Security Advisory: openssl security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2014-8275 — openssl: Fix various certificate fingerprint issues CVE-2015-0204 — openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) CVE-2015-0287 — openssl: ASN.1 structure reuse memory corruption CVE-2015-0288 — openssl: X509_to_X509_REQ NULL pointer dereference CVE-2015-0289 — openssl: PKCS7 NULL pointer dereference CVE-2015-0292 — openssl: integer underflow leading to buffer overflow in base64 decoding CVE-2015-0293 — openssl: assertion failure in SSLv2 servers CVE-2016-0703 — openssl: Divide-and-conquer session key recovery in SSLv2 CVE-2016-0704 — openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2015:0800
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://www.openssl.org/news/secadv_20150108.txt
- externalhttps://www.openssl.org/news/secadv_20150319.txt
- externalhttps://access.redhat.com/articles/1384453
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1180184
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1180187
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202380
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202395
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202404
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202418
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0800.json