|Package(s):||openssl||CVE #(s):||CVE-2013-6450 CVE-2013-6449|
|Created:||January 1, 2014||Updated:||December 29, 2014|
|Description:||From the Debian advisory:
Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this updates disables the insecure Dual_EC_DRBG algorithm (which was unused anyway, see http://marc.info/?l=openssl-announce&m=13874711982232... for further information) and no longer uses the RdRand feature available on some Intel CPUs as a sole source of entropy unless explicitly requested.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds