[FEDORA-2010-5357] Fedora 11: openssl
Severity
High
Affected Packages
1
CVEs
8
Update to upstream version 0.9.8n fixing multiple security issues:
CVE-2009-3555, CVE-2009-3245, CVE-2009-4355, and CVE-2010-0433. Refer to
upstream CHANGES file for the detailed list of changes since version 0.9.8k:
* http://cvs.openssl.org/fileview?f=openssl/CHANGES&v=1.1238.2.193
Package | Affected Version |
---|---|
pkg:rpm/fedora/openssl?distro=fedora-11 | < 0.9.8n.1.fc11 |
- ID
- FEDORA-2010-5357
- Severity
- high
- Severity from
- CVE-2009-3245
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2010-5357
- Published
-
2010-04-16T23:49:46
(14 years ago) - Modified
-
2010-04-16T23:49:46
(14 years ago) - Rights
- Copyright 2010 Red Hat, Inc.
- Other Advisories
-
- CISCO-SA-20091105-CVE-2009-3555
- CISCO-SA-20091109-TLS
- DSA-3253-1
- ELSA-2009-1335
- ELSA-2009-1579
- ELSA-2010-0054
- ELSA-2010-0162
- ELSA-2010-0164
- ELSA-2010-0165
- ELSA-2010-0166
- ELSA-2010-0339
- ELSA-2010-0768
- FEDORA-2009-12229
- FEDORA-2009-12305
- FEDORA-2009-12604
- FEDORA-2009-12606
- FEDORA-2009-12747
- FEDORA-2009-12750
- FEDORA-2009-12775
- FEDORA-2009-12782
- FEDORA-2009-12968
- FEDORA-2009-13236
- FEDORA-2009-13250
- FEDORA-2009-5412
- FEDORA-2009-5423
- FEDORA-2009-5452
- FEDORA-2010-1127
- FEDORA-2010-15989
- FEDORA-2010-16240
- FEDORA-2010-16294
- FEDORA-2010-16312
- FEDORA-2010-17220
- FEDORA-2010-17826
- FEDORA-2010-3905
- FEDORA-2010-3929
- FEDORA-2010-3956
- FEDORA-2010-5744
- FEDORA-2010-5942
- FEDORA-2010-6025
- FEDORA-2010-6039
- FEDORA-2010-6055
- FEDORA-2010-6131
- FEDORA-2010-6279
- FEDORA-2010-8742
- FEDORA-2010-9421
- FEDORA-2010-9487
- FEDORA-2010-9518
- FEDORA-2010-9639
- FREEBSD:82B55DF8-4D5A-11DE-8811-0030843D3802
- FREEBSD:9CCFEE39-3C3B-11DF-9EDC-000F20797EDE
- GLSA-200912-01
- GLSA-201006-18
- GLSA-201110-01
- GLSA-201110-05
- GLSA-201203-22
- GLSA-201206-18
- GLSA-201301-01
- GLSA-201309-15
- GLSA-201311-13
- GLSA-201406-32
- MAVEN:GHSA-F7W7-6PJC-WWM6
- NGINX:CVE-2009-3555
- RHSA-2010:0865
- RHSA-2010:0987
- SECADV-20090512-1
- SECADV-20090512-2
- SECADV-20090512-3
- SECADV-20091105-1
- SECADV-20100113-1
- SECADV-20100119-1
- SECADV-20100223-1
- SECADV-20100324-1
- SSA:2009-320-01
- SSA:2010-067-01
- SSA:2010-090-01
- USN-1003-1
- USN-1010-1
- USN-792-1
- USN-860-1
- USN-884-1
- USN-923-1
- USN-927-1
- USN-927-4
- USN-927-6
- USN-990-1
- USN-990-2
- VU:120541
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 570924 | Bug #570924 - CVE-2009-3245 openssl: missing bn_wexpand return value checks | https://bugzilla.redhat.com/show_bug.cgi?id=570924 |
Bugzilla | 546707 | Bug #546707 - CVE-2009-4355 openssl significant memory leak in certain SSLv3 requests (DoS) | https://bugzilla.redhat.com/show_bug.cgi?id=546707 |
Bugzilla | 533125 | Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation | https://bugzilla.redhat.com/show_bug.cgi?id=533125 |
Bugzilla | 569774 | Bug #569774 - CVE-2010-0433 openssl: crash caused by a missing krb5_sname_to_principal() return value check | https://bugzilla.redhat.com/show_bug.cgi?id=569774 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/openssl?distro=fedora-11 | fedora | openssl | < 0.9.8n.1.fc11 | fedora-11 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |