| Errata ID | 257 |
|---|---|
| Date | 2014-12-17 |
| Source package | openssl |
| Fixed in version | 0.9.8o-4.83.201412111155 |
| Description | Multiple issues have been fixed in openssl: * Denial of service through memory leak in session ticket validation (CVE-2014-3567) * A mechanism to counter downgrade attacks to SSL3 (TLS_FALLBACK_SCSV) (CVE-2014-3566) * The build option no-ssl3 didn't work as expected (CVE-2014-3568) |
| Additional notes | |
| CVE ID | CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 |
| UCS Bug number | #36170 |
