RHSA-2015:0066

Description

Red Hat Security Advisory: openssl security update

CVSS Metrics

• v3.0•MEDIUM•Score: 5.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Systems

• redhat•openssl

  < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

• redhat•openssl-debuginfo

  < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

• redhat•openssl-devel

  < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

• redhat•openssl-libs

  < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

• redhat•openssl-perl

  < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

• redhat•openssl-static

  < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 0:1.0.1e-30.el6_6.5 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7 | < 1:1.0.1e-34.el7_0.7

References (33)

• https://access.redhat.com/errata/RHSA-2015:0066
• https://access.redhat.com/security/updates/classification/#moderate
• https://www.openssl.org/news/secadv_20150108.txt
• https://bugzilla.redhat.com/show_bug.cgi?id=1180184
• https://bugzilla.redhat.com/show_bug.cgi?id=1180185
• https://bugzilla.redhat.com/show_bug.cgi?id=1180187
• https://bugzilla.redhat.com/show_bug.cgi?id=1180234
• https://bugzilla.redhat.com/show_bug.cgi?id=1180235
• https://bugzilla.redhat.com/show_bug.cgi?id=1180239
• https://bugzilla.redhat.com/show_bug.cgi?id=1180240
• https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0066.json
• https://access.redhat.com/security/cve/CVE-2014-3570
• https://www.cve.org/CVERecord?id=CVE-2014-3570
• https://nvd.nist.gov/vuln/detail/CVE-2014-3570
• https://access.redhat.com/security/cve/CVE-2014-3571
• https://www.cve.org/CVERecord?id=CVE-2014-3571
• https://nvd.nist.gov/vuln/detail/CVE-2014-3571
• https://access.redhat.com/security/cve/CVE-2014-3572
• https://www.cve.org/CVERecord?id=CVE-2014-3572
• https://nvd.nist.gov/vuln/detail/CVE-2014-3572
• https://access.redhat.com/security/cve/CVE-2014-8275
• https://www.cve.org/CVERecord?id=CVE-2014-8275
• https://nvd.nist.gov/vuln/detail/CVE-2014-8275
• https://access.redhat.com/security/cve/CVE-2015-0204
• https://www.cve.org/CVERecord?id=CVE-2015-0204
• https://nvd.nist.gov/vuln/detail/CVE-2015-0204
• https://securityblog.redhat.com/2015/03/04/factoring-rsa-export-keys-freak-cve-2015-0204/
• https://access.redhat.com/security/cve/CVE-2015-0205
• https://www.cve.org/CVERecord?id=CVE-2015-0205
• https://nvd.nist.gov/vuln/detail/CVE-2015-0205
• https://access.redhat.com/security/cve/CVE-2015-0206
• https://www.cve.org/CVERecord?id=CVE-2015-0206
• https://nvd.nist.gov/vuln/detail/CVE-2015-0206