DSA-2833-1 openssl -- several
|ID: oval:org.secpod.oval:def:601186||Date: (C)2014-01-08 (M)2017-12-13|
|Class: PATCH||Family: unix|
Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this updates disables the insecure Dual_EC_DRBG algorithm and no longer uses the RdRand feature available on some Intel CPUs as a sole source of entropy unless explicitly requested.