MDVSA-2010:022 -- Mandriva opensslID: oval:org.secpod.oval:def:301164 | Date: (C)2012-01-07 (M)2024-01-29 |
Class: PATCH | Family: unix |
Some vulnerabilities were discovered and corrected in openssl: Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service via vectors that trigger incorrect calls to the CRYPTO_free_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678 . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct thies issue.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |