openssl-1.0.1e-30.AXS4.2
エラータID: AXSA:2014-603:01
Release date:
Friday, October 17, 2014 - 16:32
Subject:
openssl-1.0.1e-30.AXS4.2
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Security issues fixed with this release:
CVE-2014-3513
CVE-2014-3567
All of issues are:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Please see below CVE's links.
Solution:
Update package.
CVEs:
CVE-2014-3513
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
CVE-2014-3567
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
Additional Info:
N/A
Download:
SRPMS
- openssl-1.0.1e-30.AXS4.2.src.rpm
MD5: 68acfc37e2090a344e07877a9d69e13e
SHA-256: ae22746e2de4c1f898cf2f74a951d3e4440773f5f23e1447e93d4f76fa2a3ca5
Size: 3.02 MB
Asianux Server 4 for x86
- openssl-1.0.1e-30.AXS4.2.i686.rpm
MD5: 76a4df6a416142ad218fd497895f7327
SHA-256: f121c2e5e05e69e699921fc9c20617f5614e0d55302ecd0adfa469ded6a9c012
Size: 1.51 MB - openssl-devel-1.0.1e-30.AXS4.2.i686.rpm
MD5: bc3955dd0f5704841d6b5db9c62fe838
SHA-256: 6e7c8cddc48aa5312dc1cc3df04e5f8bca93110daa640015cbf8eb2629bb1c0b
Size: 1.17 MB
Asianux Server 4 for x86_64
- openssl-1.0.1e-30.AXS4.2.x86_64.rpm
MD5: 823a8d00c184cf2b1cf83039db6d2d9a
SHA-256: 9afea916598948954ab6f727c5082ddd887ff50b6abaaf5bad9efae349350b18
Size: 1.51 MB - openssl-devel-1.0.1e-30.AXS4.2.x86_64.rpm
MD5: 44d7bba8d18504e0a6b58d5172325810
SHA-256: a451ec4696e9d5074102520990a66b78a03a87dc28e93a9f274296253f4e0960
Size: 1.17 MB - openssl-1.0.1e-30.AXS4.2.i686.rpm
MD5: 76a4df6a416142ad218fd497895f7327
SHA-256: f121c2e5e05e69e699921fc9c20617f5614e0d55302ecd0adfa469ded6a9c012
Size: 1.51 MB - openssl-devel-1.0.1e-30.AXS4.2.i686.rpm
MD5: bc3955dd0f5704841d6b5db9c62fe838
SHA-256: 6e7c8cddc48aa5312dc1cc3df04e5f8bca93110daa640015cbf8eb2629bb1c0b
Size: 1.17 MB
日本語