Advisory: CLSA-2021:1632262317
OS: CentOS 6 ELS
Public date: 2021-09-21 00:00:00
Project: openssl
Version: 1.0.1e-62.el6.cloudlinux.els
Errata link: https://errata.cloudlinux.com/els6/CLSA-2021-1632262317.html
- fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1
openssl-static-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm openssl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm openssl-devel-1.0.1e-62.el6.cloudlinux.els.i686.rpm openssl-perl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm openssl-1.0.1e-62.el6.cloudlinux.els.i686.rpm openssl-devel-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm