This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 3 and 4. The openssl versions in Red Hat Enterprise Linux 5 and 6 were partially affected, as they support DTLS, but they do not support TLS 1.1 and TLS 1.2. This issue was addressed in Red Hat Enterprise Linux 5 and 6 via RHSA-2012:0699.
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
|Red Hat JBoss Enterprise Application Platform 6.0||RHSA-2012:1308||2012-09-24|
|Red Hat JBoss Enterprise Application Platform 5.1||RHSA-2012:1307||2012-09-24|
|Red Hat Enterprise Linux 5 (openssl)||RHSA-2012:0699||2012-05-29|
|Red Hat Enterprise Linux 6 (openssl)||RHSA-2012:0699||2012-05-29|
|Red Hat JBoss Web Server 1.0||RHSA-2012:1306||2012-09-24|
Affected Packages State
|Red Hat Enterprise Linux 6||openssl098e||Will not fix|
|Red Hat Enterprise Linux 5||openssl097a||Not affected|
|Red Hat Enterprise Linux 4||openssl||Not affected|
|Red Hat Enterprise Linux 3||openssl||Not affected|
AcknowledgementsRed Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Codenomicon as the original reporter.
CVE description copyright © 2017, The MITRE Corporation