Fedora 10: FEDORA-2009-5412 Critical: OpenSSL DoS Issues Resolved
fedora
June 19, 2009
Security update fixing DoS bugs in DTLS code
Summary
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Update Information:
Security update fixing DoS bugs in DTLS code. CVE-2009-1377 CVE-2009-1378 CVE-2009-1379
Topics Covered
Change Log
* Thu May 21 2009 Tomas Mraz
References
[ 1 ] Bug #501253 - CVE-2009-1377 OpenSSL: DTLS epoch record buffer memory DoS
https://bugzilla.redhat.com/show_bug.cgi?id=501253
[ 2 ] Bug #501254 - CVE-2009-1378 OpenSSL: DTLS fragment handling memory DoS
https://bugzilla.redhat.com/show_bug.cgi?id=501254
[ 3 ] Bug #501572 - CVE-2009-1379 OpenSSL: DTLS pointer use-after-free flaw (DoS)
https://bugzilla.redhat.com/show_bug.cgi?id=501572
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: openssl
Product: Fedora 10
Version: 0.9.8g
Release: 14.fc10
Summary: The OpenSSL toolkit
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!