| Errata ID | 360 |
|---|---|
| Date | 2015-08-21 |
| Source package | openssl |
| Fixed in version | 0.9.8o-4.100.201508172249 |
| Description | Multiple vulnerabilities have been fixed in openssl: * Invalid free in DTLS (CVE-2014-8176) * Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) * PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) * Race condition in NewSessionTicket (CVE-2015-1791) * CMS verify infinite loop with unknown hash function (CVE-2015-1792) * Require a minimum of 768 bit for DH parameters (CVE-2015-4000) |
| Additional notes | |
| CVE ID | CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 |
| UCS Bug number | #38692 |
