[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2015:1072 -- centos 6 openssl

ID: oval:org.secpod.oval:def:203638Date: (C)2015-06-08   (M)2017-11-15
Class: PATCHFamily: unix




OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. Note: This update forces the TLS/SSL client implementation in OpenSSL to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Platform:
CentOS 6
Product:
openssl
Reference:
CESA-2015:1072
CVE-2015-4000
CVE    1
CVE-2015-4000
CPE    18
cpe:/o:centos:centos:6
cpe:/a:openssl:openssl
cpe:/o:canonical:ubuntu_linux:14.10
cpe:/o:apple:mac_os_x:10.10.3
...

© 2013 SecPod Technologies