Resolution for CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794 (OpenSSL Dec 3, 2015)
Issue
- OpenSSL: BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
- OpenSSL: Certificate verify crash with missing PSS parameter (cve-2015-3194)
- OpenSSL: X509_ATTRIBUTE memory leak (CVE-2015-3195)
- OpenSSL: Race condition handling PSK identify hint (cve-2015-3196)
- OpenSSL: Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- openssl, openssl098e, openssl097a
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.