openssl-1.0.1e-48.3.0.1.AXS4

Errata ID: AXSA:2016-686:04

Release date: 
Wednesday, September 28, 2016 - 10:08
Subject: 
openssl-1.0.1e-48.3.0.1.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Security issues fixed with this release:

CVE-2016-2177
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for
heap-buffer boundary checks, which might allow remote attackers to
cause a denial of service (integer overflow and application crash) or
possibly have unspecified other impact by leveraging unexpected malloc
behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

CVE-2016-2178
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL
through 1.0.2h does not properly ensure the use of constant-time
operations, which makes it easier for local users to discover a DSA
private key via a timing side-channel attack.

CVE-2016-2179
The DTLS implementation in OpenSSL before 1.1.0 does not properly
restrict the lifetime of queue entries associated with unused
out-of-order messages, which allows remote attackers to cause a denial
of service (memory consumption) by maintaining many crafted DTLS
sessions simultaneously, related to d1_lib.c, statem_dtls.c,
statem_lib.c, and statem_srvr.c.

CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509
Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in
OpenSSL through 1.0.2h allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted
time-stamp file that is mishandled by the "openssl ts" command.

CVE-2016-2181
The Anti-Replay feature in the DTLS implementation in OpenSSL before
1.1.0 mishandles early use of a new epoch number in conjunction with a
large sequence number, which allows remote attackers to cause a denial
of service (false-positive packet drops) via spoofed DTLS records,
related to rec_layer_d1.c and ssl3_record.c.

CVE-2016-2182
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0
does not properly validate division results, which allows remote
attackers to cause a denial of service (out-of-bounds write and
application crash) or possibly have unspecified other impact via
unknown vectors.

CVE-2016-6302
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before
1.1.0 does not consider the HMAC size during validation of the ticket
length, which allows remote attackers to cause a denial of service via
a ticket that is too short.

CVE-2016-6304
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2
before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause
a denial of service (memory consumption) via large OCSP Status Request
extensions.

CVE-2016-6306
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before
1.0.2i might allow remote attackers to cause a denial of service
(out-of-bounds read) via crafted certificate operations, related to
s3_clnt.c and s3_srvr.c.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. openssl-1.0.1e-48.3.0.1.AXS4.src.rpm
    MD5: fff9be41cc01372e9d216bae7abe8c23
    SHA-256: a0b2a2bd38f148b5dbee9014fb853164b61a49ec19c1ced49df24c1b01ac3b47
    Size: 3.11 MB

Asianux Server 4 for x86
  1. openssl-1.0.1e-48.3.0.1.AXS4.i686.rpm
    MD5: 9e1b652a84c9c1b302021af23f3b199e
    SHA-256: 3dbcaa29edfbf0ce27c73877e3a696a4bec8dc1d70f1b9c4181e063596266603
    Size: 1.52 MB
  2. openssl-devel-1.0.1e-48.3.0.1.AXS4.i686.rpm
    MD5: cb1455c36110100ba8fcfc7b1506acaf
    SHA-256: 6c954a78200207be7ff5974dc4df6957fcdaac55acfd94e319bb2d8cd046bb94
    Size: 1.17 MB

Asianux Server 4 for x86_64
  1. openssl-1.0.1e-48.3.0.1.AXS4.x86_64.rpm
    MD5: 84daad1a6a7c9fd8401d41e249e097b3
    SHA-256: 01c09896facc6917a791c03f03c909bc45bdaeb1d3b60d7c93164427e20fed03
    Size: 1.52 MB
  2. openssl-devel-1.0.1e-48.3.0.1.AXS4.x86_64.rpm
    MD5: 87c4c8d0e72d72df9e5cab99821c9a0a
    SHA-256: 08076fa5663e0bf20be0a9ae5ff5a9a4d0d42b8698b83c4e06bdd9bba39c7049
    Size: 1.17 MB
  3. openssl-1.0.1e-48.3.0.1.AXS4.i686.rpm
    MD5: 9e1b652a84c9c1b302021af23f3b199e
    SHA-256: 3dbcaa29edfbf0ce27c73877e3a696a4bec8dc1d70f1b9c4181e063596266603
    Size: 1.52 MB
  4. openssl-devel-1.0.1e-48.3.0.1.AXS4.i686.rpm
    MD5: cb1455c36110100ba8fcfc7b1506acaf
    SHA-256: 6c954a78200207be7ff5974dc4df6957fcdaac55acfd94e319bb2d8cd046bb94
    Size: 1.17 MB