User: Password:
Subscribe / Log in / New account

openssl: multiple vulnerabilities

Package(s):openssl CVE #(s):CVE-2013-6450 CVE-2013-6449
Created:January 1, 2014 Updated:December 29, 2014
Description: From the Debian advisory:

Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this updates disables the insecure Dual_EC_DRBG algorithm (which was unused anyway, see for further information) and no longer uses the RdRand feature available on some Intel CPUs as a sole source of entropy unless explicitly requested.

Fedora FEDORA-2014-17587 mingw-openssl 2015-01-02
Gentoo 201412-39 openssl 2014-12-25
Oracle ELSA-2014-1652 openssl 2014-10-16
Fedora FEDORA-2014-1567 mingw-openssl 2014-01-28
Mandriva MDVSA-2014:007 openssl 2014-01-17
Mageia MGASA-2014-0012 openssl 2014-01-17
Fedora FEDORA-2014-0476 openssl 2014-01-10
Slackware SSA:2014-013-02 openssl 2014-01-13
openSUSE openSUSE-SU-2014:0049-1 openssl 2014-01-12
openSUSE openSUSE-SU-2014:0048-1 openssl 2014-01-11
Fedora FEDORA-2014-0474 openssl 2014-01-12
Ubuntu USN-2079-1 openssl 2014-01-09
Fedora FEDORA-2014-0456 openssl 2014-01-10
Scientific Linux SLSA-2014:0015-1 openssl 2014-01-09
Oracle ELSA-2014-0015 openssl 2014-01-08
CentOS CESA-2014:0015 openssl 2014-01-08
Red Hat RHSA-2014:0015-01 openssl 2014-01-08
Debian DSA-2833-1 openssl 2014-01-01
Fedora FEDORA-2014-1560 mingw-openssl 2014-02-04

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds