Action not permitted
Modal body text goes here.
cve-2012-4929
Vulnerability from cvelistv5
Published
2012-09-15 18:00
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T20:50:18.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SSRT101139", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "RHSA-2013:0587", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "name": "DSA-2579", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/3696912" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "name": "FEDORA-2013-4403", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "name": "USN-1898-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "name": "openSUSE-SU-2012:1420", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "name": "DSA-3253", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "name": "openSUSE-SU-2013:0157", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/mpgn/CRIME-poc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://news.ycombinator.com/item?id=4510829" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5784" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "name": "APPLE-SA-2013-06-04-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "name": "JVNDB-2016-000129", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "name": "USN-1627-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "name": "DSA-2627", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "name": "oval:org.mitre.oval:def:18920", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "name": "55704", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/55704" }, { "name": "USN-1628-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "name": "openSUSE-SU-2013:0143", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "name": "HPSBUX02866", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "JVN#65273415", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-21T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SSRT101139", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "RHSA-2013:0587", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "name": "DSA-2579", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/3696912" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "name": "FEDORA-2013-4403", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "name": "USN-1898-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "name": "openSUSE-SU-2012:1420", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "name": "DSA-3253", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "tags": [ "x_refsource_MISC" ], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "name": "openSUSE-SU-2013:0157", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/mpgn/CRIME-poc" }, { "tags": [ "x_refsource_MISC" ], "url": "http://news.ycombinator.com/item?id=4510829" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5784" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "name": "APPLE-SA-2013-06-04-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "name": "JVNDB-2016-000129", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "name": "USN-1627-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "name": "DSA-2627", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "name": "oval:org.mitre.oval:def:18920", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "tags": [ "x_refsource_MISC" ], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "name": "55704", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/55704" }, { "name": "USN-1628-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "tags": [ "x_refsource_MISC" ], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "tags": [ "x_refsource_MISC" ], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "name": "openSUSE-SU-2013:0143", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "name": "HPSBUX02866", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "JVN#65273415", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SSRT101139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "RHSA-2013:0587", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "name": "DSA-2579", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2579" }, { "name": "https://gist.github.com/3696912", "refsource": "MISC", "url": "https://gist.github.com/3696912" }, { "name": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "refsource": "MISC", "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "name": "FEDORA-2013-4403", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "name": "USN-1898-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "name": "https://chromiumcodereview.appspot.com/10825183", "refsource": "CONFIRM", "url": "https://chromiumcodereview.appspot.com/10825183" }, { "name": "openSUSE-SU-2012:1420", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "name": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "refsource": "MISC", "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "name": "DSA-3253", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3253" }, { "name": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "refsource": "MISC", "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "name": "openSUSE-SU-2013:0157", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "name": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "refsource": "MISC", "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "name": "https://github.com/mpgn/CRIME-poc", "refsource": "MISC", "url": "https://github.com/mpgn/CRIME-poc" }, { "name": "http://news.ycombinator.com/item?id=4510829", "refsource": "MISC", "url": "http://news.ycombinator.com/item?id=4510829" }, { "name": "http://support.apple.com/kb/HT5784", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5784" }, { "name": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "refsource": "MISC", "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "name": "APPLE-SA-2013-06-04-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "name": "JVNDB-2016-000129", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "name": "USN-1627-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "name": "DSA-2627", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2627" }, { "name": "http://code.google.com/p/chromium/issues/detail?id=139744", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "name": "oval:org.mitre.oval:def:18920", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "name": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "refsource": "MISC", "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "name": "55704", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55704" }, { "name": "USN-1628-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "name": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "refsource": "MISC", "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "name": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "refsource": "MISC", "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "name": "http://www.ekoparty.org/2012/thai-duong.php", "refsource": "MISC", "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "name": "openSUSE-SU-2013:0143", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "name": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "refsource": "MISC", "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "name": "HPSBUX02866", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "JVN#65273415", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4929", "datePublished": "2012-09-15T18:00:00", "dateReserved": "2012-09-15T00:00:00", "dateUpdated": "2024-08-06T20:50:18.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2012-4929\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-09-15T18:55:03.187\",\"lastModified\":\"2018-04-22T01:29:00.363\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \\\"CRIME\\\" attack.\"},{\"lang\":\"es\",\"value\":\"El protocolo TLS 1.2 y versiones anteriores, como el usado en Mozilla Firefox, Google Chrome, y otros productos, puede hacer cifrados TLS de datos comprimidos sin ofuscar de forma adecuada la longitud de los datos no cifrado, lo que permte a atacantes man-in-the-middle obtener cabeceras HTTP en texto plano observando las diferencias de longitud durante una serie de previsiones en la cual una cadena en una petici\u00f3n HTTP potencialmente coincide con una cadena desconocida en una cabecera HTPP, tambi\u00e9n conocido como ataque \\\"CRIME\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":2.6},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E9B637-69D8-4E4F-8896-F8F14CC55E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14E6A30E-7577-4569-9309-53A0AF7FE3AC\"}]}]}],\"references\":[{\"url\":\"http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=139744\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvn.jp/en/jp/JVN65273415/index.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://news.ycombinator.com/item?id=4510829\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0587.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT5784\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2579\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2627\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3253\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ekoparty.org/2012/thai-duong.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/55704\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.theregister.co.uk/2012/09/14/crime_tls_attack/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1627-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1628-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1898-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=857051\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://chromiumcodereview.appspot.com/10825183\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://gist.github.com/3696912\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/mpgn/CRIME-poc\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212\",\"source\":\"cve@mitre.org\"}]}}" } }
cve-2012-4929
Vulnerability from jvndb
Published
2016-07-25 11:15
Modified
2016-07-25 11:15
Severity ?
Summary
Android OS issue where it is affected by the CRIME attack
Details
The implementation of the TLS protocol in Android OS contains a vulnerability where plaintext HTTP headers may be obtained.
The TLS protocol contains a function that compresses data for communications between the client and server. This function does not properly obfuscate the length of the unencrypted data. When this function is enabled on both the client and server, it results in a vulnerability where plaintext HTTP headers may be obtained. The TLS implementation in Android OS is affected by this vulnerability.
Exploiting this vulnerability to obtain plaintext HTTP headers is referred to as the CRIME attack.
References
▼ | Type | URL |
---|---|---|
JVN | http://jvn.jp/en/jp/JVN65273415/index.html | |
CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 | |
NVD | https://nvd.nist.gov/vuln/detail/CVE-2012-4929 | |
Cryptographic Issues(CWE-310) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html", "dc:date": "2016-07-25T11:15+09:00", "dcterms:issued": "2016-07-25T11:15+09:00", "dcterms:modified": "2016-07-25T11:15+09:00", "description": "The implementation of the TLS protocol in Android OS contains a vulnerability where plaintext HTTP headers may be obtained.\r\n\r\nThe TLS protocol contains a function that compresses data for communications between the client and server. This function does not properly obfuscate the length of the unencrypted data. When this function is enabled on both the client and server, it results in a vulnerability where plaintext HTTP headers may be obtained. The TLS implementation in Android OS is affected by this vulnerability.\r\nExploiting this vulnerability to obtain plaintext HTTP headers is referred to as the CRIME attack.", "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html", "sec:cpe": { "#text": "cpe:/o:google:android", "@product": "Android", "@vendor": "Google", "@version": "2.2" }, "sec:cvss": [ { "@score": "2.6", "@severity": "Low", "@type": "Base", "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "@version": "2.0" }, { "@score": "3.7", "@severity": "Low", "@type": "Base", "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "@version": "3.0" } ], "sec:identifier": "JVNDB-2016-000129", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN65273415/index.html", "@id": "JVN#65273415", "@source": "JVN" }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "@id": "CVE-2012-4929", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "@id": "CVE-2012-4929", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-310", "@title": "Cryptographic Issues(CWE-310)" } ], "title": "Android OS issue where it is affected by the CRIME attack" }
rhsa-2014_0416
Vulnerability from csaf_redhat
Published
2014-04-17 12:23
Modified
2024-11-14 14:28
Summary
Red Hat Security Advisory: rhevm-spice-client security update
Notes
Topic
Updated rhevm-spice-client packages that fix multiple security issues are
now available for Red Hat Enterprise Virtualization Manager 3.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Red Hat Enterprise Virtualization Manager provides access to virtual
machines using SPICE. These SPICE client packages provide the SPICE client
and usbclerk service for both Windows 32-bit operating systems and Windows
64-bit operating systems.
The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE
client. OpenSSL, a general purpose cryptography library with a TLS
implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer
package has been updated to correct the following issues:
An information disclosure flaw was found in the way OpenSSL handled TLS and
DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server
could send a specially crafted TLS or DTLS Heartbeat packet to disclose a
limited portion of memory per request from a connected client or server.
Note that the disclosed portions of memory could potentially include
sensitive information such as private keys. (CVE-2014-0160)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the way OpenSSL handled
TLS/SSL protocol handshake packets. A specially crafted handshake packet
could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)
It was discovered that the TLS/SSL protocol could leak information about
plain text when optional compression was used. An attacker able to control
part of the plain text sent over an encrypted TLS/SSL connection could
possibly use this flaw to recover other portions of the plain text.
(CVE-2012-4929)
Red Hat would like to thank the OpenSSL project for reporting
CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the
original reporter.
The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL
security fixes that have no security impact on mingw-virt-viewer itself.
The security fixes included in this update address the following CVE
numbers:
CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166
All Red Hat Enterprise Virtualization Manager users are advised to upgrade
to these updated packages, which address these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated rhevm-spice-client packages that fix multiple security issues are\nnow available for Red Hat Enterprise Virtualization Manager 3.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems.\n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself.\nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0416", "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "1049058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049058" }, { "category": "external", "summary": "1084875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0416.json" } ], "title": "Red Hat Security Advisory: rhevm-spice-client security update", "tracking": { "current_release_date": "2024-11-14T14:28:00+00:00", "generator": { "date": "2024-11-14T14:28:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2014:0416", "initial_release_date": "2014-04-17T12:23:34+00:00", "revision_history": [ { "date": "2014-04-17T12:23:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-04-17T12:23:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T14:28:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEV-M 3.3", "product": { "name": "RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:3" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x86-msi@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x86-cab@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x64-msi@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x64-cab@3.3-12.el6_5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rhevm-spice-client-0:3.3-12.el6_5.src", "product": { "name": "rhevm-spice-client-0:3.3-12.el6_5.src", "product_id": "rhevm-spice-client-0:3.3-12.el6_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client@3.3-12.el6_5?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-0:3.3-12.el6_5.src as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src" }, "product_reference": "rhevm-spice-client-0:3.3-12.el6_5.src", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4929", "discovery_date": "2012-09-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "857051" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS CRIME attack against HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4929" }, { "category": "external", "summary": "RHBZ#857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4929", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" } ], "release_date": "2012-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS CRIME attack against HTTPS" }, { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "907589" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "RHBZ#907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "category": "workaround", "details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: CBC padding timing attack (lucky-13)" }, { "cve": "CVE-2013-4353", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2014-01-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1049058" } ], "notes": [ { "category": "description", "text": "The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: client NULL dereference crash on malformed handshake packets", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 5 and earlier.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4353" }, { "category": "external", "summary": "RHBZ#1049058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049058" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4353", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4353" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4353", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4353" } ], "release_date": "2014-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: client NULL dereference crash on malformed handshake packets" }, { "acknowledgments": [ { "names": [ "OpenSSL project" ] }, { "names": [ "Neel Mehta" ], "organization": "Google Security", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-0160", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2014-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1084875" } ], "notes": [ { "category": "description", "text": "An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: information disclosure in handling of TLS heartbeat extension packets", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6.4 and earlier, Red Hat JBoss Enterprise Application Platform 5 and 6, and Red Hat JBoss Web Server 1 and 2. This issue does affect Red Hat Enterprise Linux 7 Beta, Red Hat Enterprise Linux 6.5, Red Hat Enterprise Virtualization Hypervisor 6.5, and Red Hat Storage 2.1, which provided openssl 1.0.1e. Errata have been released to correct this issue.\n\nAdditional information can be found in the Red Hat Knowledgebase article: https://access.redhat.com/site/announcements/781953", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0160" }, { "category": "external", "summary": "RHBZ#1084875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875" }, { "category": "external", "summary": "RHSB-heartbleed", "url": "https://access.redhat.com/security/vulnerabilities/heartbleed" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0160", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0160" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20140407.txt", "url": "http://www.openssl.org/news/secadv_20140407.txt" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2014-04-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-05-04T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "openssl: information disclosure in handling of TLS heartbeat extension packets" } ] }
rhsa-2013_0636
Vulnerability from csaf_redhat
Published
2013-03-13 14:40
Modified
2024-11-22 06:33
Summary
Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
Notes
Topic
An updated rhev-hypervisor6 package that fixes several security issues and
various bugs is now available.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: A subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.
A flaw was found in the way QEMU-KVM emulated the e1000 network interface
card when the host was configured to accept jumbo network frames, and a
guest using the e1000 emulated driver was not. A remote attacker could use
this flaw to crash the guest or, potentially, execute arbitrary code with
root privileges in the guest. (CVE-2012-6075)
It was discovered that GnuTLS leaked timing information when decrypting
TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A
remote attacker could possibly use this flaw to retrieve plain text from
the encrypted packets by using a TLS/SSL server as a padding oracle.
(CVE-2013-1619)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that the TLS/SSL protocol could leak information about
plain text when optional compression was used. An attacker able to control
part of the plain text sent over an encrypted TLS/SSL connection could
possibly use this flaw to recover other portions of the plain text.
(CVE-2012-4929)
This updated package provides updated components that include fixes for
various security issues. These issues have no security impact on Red Hat
Enterprise Virtualization Hypervisor itself, however. The security fixes
included in this update address the following CVE numbers:
CVE-2013-0292 (dbus-glib issue)
CVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues)
CVE-2013-0338 (libxml2 issue)
This update contains the builds from the following errata:
ovirt-node: RHBA-2013:0634
https://rhn.redhat.com/errata/RHBA-2013-0634.html
kernel: RHSA-2013:0630
https://rhn.redhat.com/errata/RHSA-2013-0630.html
dbus-glib: RHSA-2013:0568
https://rhn.redhat.com/errata/RHSA-2013-0568.html
libcgroup: RHBA-2013:0560
https://rhn.redhat.com/errata/RHBA-2013-0560.html
vdsm: RHBA-2013:0635
https://rhn.redhat.com/errata/RHBA-2013-0635.html
selinux-policy: RHBA-2013:0618
https://rhn.redhat.com/errata/RHBA-2013-0618.html
qemu-kvm-rhev: RHSA-2013:0610
https://rhn.redhat.com/errata/RHSA-2013-0610.html
glusterfs: RHBA-2013:0620
https://rhn.redhat.com/errata/RHBA-2013-0620.html
gnutls: RHSA-2013:0588
https://rhn.redhat.com/errata/RHSA-2013-0588.html
ipmitool: RHBA-2013:0572
https://rhn.redhat.com/errata/RHBA-2013-0572.html
libxml2: RHSA-2013:0581
https://rhn.redhat.com/errata/RHSA-2013-0581.html
openldap: RHBA-2013:0598
https://rhn.redhat.com/errata/RHBA-2013-0598.html
openssl: RHSA-2013:0587
https://rhn.redhat.com/errata/RHSA-2013-0587.html
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package, which fixes these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An updated rhev-hypervisor6 package that fixes several security issues and\nvarious bugs is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nIt was discovered that GnuTLS leaked timing information when decrypting\nTLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A\nremote attacker could possibly use this flaw to retrieve plain text from\nthe encrypted packets by using a TLS/SSL server as a padding oracle.\n(CVE-2013-1619)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-0292 (dbus-glib issue)\n\nCVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues)\n\nCVE-2013-0338 (libxml2 issue)\n\nThis update contains the builds from the following errata:\n\novirt-node: RHBA-2013:0634\n https://rhn.redhat.com/errata/RHBA-2013-0634.html\nkernel: RHSA-2013:0630\n https://rhn.redhat.com/errata/RHSA-2013-0630.html\ndbus-glib: RHSA-2013:0568\n https://rhn.redhat.com/errata/RHSA-2013-0568.html\nlibcgroup: RHBA-2013:0560\n https://rhn.redhat.com/errata/RHBA-2013-0560.html\nvdsm: RHBA-2013:0635\n https://rhn.redhat.com/errata/RHBA-2013-0635.html\nselinux-policy: RHBA-2013:0618\n https://rhn.redhat.com/errata/RHBA-2013-0618.html\nqemu-kvm-rhev: RHSA-2013:0610\n https://rhn.redhat.com/errata/RHSA-2013-0610.html\nglusterfs: RHBA-2013:0620\n https://rhn.redhat.com/errata/RHBA-2013-0620.html\ngnutls: RHSA-2013:0588\n https://rhn.redhat.com/errata/RHSA-2013-0588.html\nipmitool: RHBA-2013:0572\n https://rhn.redhat.com/errata/RHBA-2013-0572.html\nlibxml2: RHSA-2013:0581\n https://rhn.redhat.com/errata/RHSA-2013-0581.html\nopenldap: RHBA-2013:0598\n https://rhn.redhat.com/errata/RHBA-2013-0598.html\nopenssl: RHSA-2013:0587\n https://rhn.redhat.com/errata/RHSA-2013-0587.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0636", "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "url": "https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html" }, { "category": "external", "summary": "857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "889301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889301" }, { "category": "external", "summary": "907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "908052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052" }, { "category": "external", "summary": "908238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908238" }, { "category": "external", "summary": "913267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=913267" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0636.json" } ], "title": "Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T06:33:40+00:00", "generator": { "date": "2024-11-22T06:33:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0636", "initial_release_date": "2013-03-13T14:40:00+00:00", "revision_history": [ { "date": "2013-03-13T14:40:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-03-13T14:47:11+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:33:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEV Hypervisor for RHEL-6", "product": { "name": "RHEV Hypervisor for RHEL-6", "product_id": "6Server-RHEV-Hypervisor", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::hypervisor" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch", "product": { "name": "rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch", "product_id": "rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhev-hypervisor6@6.4-20130306.2.el6_4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch as a component of RHEV Hypervisor for RHEL-6", "product_id": "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" }, "product_reference": "rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch", "relates_to_product_reference": "6Server-RHEV-Hypervisor" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4929", "discovery_date": "2012-09-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "857051" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS CRIME attack against HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4929" }, { "category": "external", "summary": "RHBZ#857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4929", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" } ], "release_date": "2012-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-13T14:40:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization \nenvironments using the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS CRIME attack against HTTPS" }, { "cve": "CVE-2012-6075", "discovery_date": "2012-12-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "889301" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.", "title": "Vulnerability description" }, { "category": "summary", "text": "qemu: e1000 driver buffer overflow when processing large packets when SBP and LPE flags are disabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-6075" }, { "category": "external", "summary": "RHBZ#889301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889301" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-6075", "url": "https://www.cve.org/CVERecord?id=CVE-2012-6075" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6075", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6075" } ], "release_date": "2012-12-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-13T14:40:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization \nenvironments using the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "qemu: e1000 driver buffer overflow when processing large packets when SBP and LPE flags are disabled" }, { "cve": "CVE-2013-0166", "discovery_date": "2013-02-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "908052" } ], "notes": [ { "category": "description", "text": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: DoS due to improper handling of OCSP response verification", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0166" }, { "category": "external", "summary": "RHBZ#908052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0166", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0166" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0166" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" } ], "release_date": "2013-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-13T14:40:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization \nenvironments using the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: DoS due to improper handling of OCSP response verification" }, { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "907589" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "RHBZ#907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-13T14:40:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization \nenvironments using the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "category": "workaround", "details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: CBC padding timing attack (lucky-13)" }, { "cve": "CVE-2013-1619", "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "908238" } ], "notes": [ { "category": "description", "text": "The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "title": "Vulnerability description" }, { "category": "summary", "text": "gnutls: TLS CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1619" }, { "category": "external", "summary": "RHBZ#908238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908238" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1619", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1619" }, { "category": "external", "summary": "http://www.gnutls.org/security.html#GNUTLS-SA-2013-1", "url": "http://www.gnutls.org/security.html#GNUTLS-SA-2013-1" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-13T14:40:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization \nenvironments using the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", "product_ids": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-Hypervisor:rhev-hypervisor6-0:6.4-20130306.2.el6_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gnutls: TLS CBC padding timing attack (lucky-13)" } ] }
rhsa-2013_0587
Vulnerability from csaf_redhat
Published
2013-03-04 21:05
Modified
2024-11-22 06:33
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated openssl packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that the TLS/SSL protocol could leak information about
plain text when optional compression was used. An attacker able to control
part of the plain text sent over an encrypted TLS/SSL connection could
possibly use this flaw to recover other portions of the plain text.
(CVE-2012-4929)
Note: This update disables zlib compression, which was previously enabled
in OpenSSL by default. Applications using OpenSSL now need to explicitly
enable zlib compression to use it.
It was found that OpenSSL read certain environment variables even when used
by a privileged (setuid or setgid) application. A local attacker could use
this flaw to escalate their privileges. No application shipped with Red Hat
Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)
All OpenSSL users should upgrade to these updated packages, which contain
backported patches to resolve these issues. For the update to take effect,
all services linked to the OpenSSL library must be restarted, or the
system rebooted.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously enabled\nin OpenSSL by default. Applications using OpenSSL now need to explicitly\nenable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when used\nby a privileged (setuid or setgid) application. A local attacker could use\nthis flaw to escalate their privileges. No application shipped with Red Hat\nEnterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the\nsystem rebooted.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0587", "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "839735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839735" }, { "category": "external", "summary": "857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "908052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0587.json" } ], "title": "Red Hat Security Advisory: openssl security update", "tracking": { "current_release_date": "2024-11-22T06:33:35+00:00", "generator": { "date": "2024-11-22T06:33:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0587", "initial_release_date": "2013-03-04T21:05:00+00:00", "revision_history": [ { "date": "2013-03-04T21:05:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-03-04T21:11:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:33:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "product": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "product_id": "openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-26.el5_9.1?arch=s390x" } } }, { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=s390x" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.s390x", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.s390x", "product_id": "openssl-0:0.9.8e-26.el5_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=s390x" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=s390x" } } }, { "category": "product_version", "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "product": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "product_id": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-static@1.0.0-27.el6_4.2?arch=s390x" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=s390x" } } }, { "category": "product_version", "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "product": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "product_id": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.0.0-27.el6_4.2?arch=s390x" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.s390x", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x", "product_id": "openssl-0:1.0.0-27.el6_4.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=s390x" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=s390" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.s390", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.s390", "product_id": "openssl-0:0.9.8e-26.el5_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=s390" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=s390" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.s390", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.s390", "product_id": "openssl-0:1.0.0-27.el6_4.2.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=s390" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=s390" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "product": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "product_id": "openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-26.el5_9.1?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.x86_64", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.x86_64", "product_id": "openssl-0:0.9.8e-26.el5_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "product": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "product_id": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-static@1.0.0-27.el6_4.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "product": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "product_id": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.0.0-27.el6_4.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.x86_64", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64", "product_id": "openssl-0:1.0.0-27.el6_4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.i386", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.i386", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=i386" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=i386" } } }, { "category": "product_version", "name": "openssl-perl-0:0.9.8e-26.el5_9.1.i386", "product": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.i386", "product_id": "openssl-perl-0:0.9.8e-26.el5_9.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-26.el5_9.1?arch=i386" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.i386", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.i386", "product_id": "openssl-0:0.9.8e-26.el5_9.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.i686", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.i686", "product_id": "openssl-0:0.9.8e-26.el5_9.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=i686" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=i686" } } }, { "category": "product_version", "name": "openssl-static-0:1.0.0-27.el6_4.2.i686", "product": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686", "product_id": "openssl-static-0:1.0.0-27.el6_4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-static@1.0.0-27.el6_4.2?arch=i686" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=i686" } } }, { "category": "product_version", "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "product": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "product_id": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.0.0-27.el6_4.2?arch=i686" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.i686", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.i686", "product_id": "openssl-0:1.0.0-27.el6_4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=i686" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "product": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "product_id": "openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-26.el5_9.1?arch=ia64" } } }, { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=ia64" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.ia64", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.ia64", "product_id": "openssl-0:0.9.8e-26.el5_9.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=ia64" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "product": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "product_id": "openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-26.el5_9.1?arch=ppc" } } }, { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=ppc" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.ppc", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.ppc", "product_id": "openssl-0:0.9.8e-26.el5_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=ppc" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=ppc" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.ppc", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc", "product_id": "openssl-0:1.0.0-27.el6_4.2.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=ppc" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=ppc" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "product": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "product_id": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-26.el5_9.1?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.ppc64", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.ppc64", "product_id": "openssl-0:0.9.8e-26.el5_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "product": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "product_id": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-26.el5_9.1?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "product": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "product_id": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-static@1.0.0-27.el6_4.2?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "product": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "product_id": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.0-27.el6_4.2?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "product": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "product_id": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.0.0-27.el6_4.2?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.ppc64", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64", "product_id": "openssl-0:1.0.0-27.el6_4.2.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=ppc64" } } }, { "category": "product_version", "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "product": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "product_id": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.0.0-27.el6_4.2?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "openssl-0:0.9.8e-26.el5_9.1.src", "product": { "name": "openssl-0:0.9.8e-26.el5_9.1.src", "product_id": "openssl-0:0.9.8e-26.el5_9.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@0.9.8e-26.el5_9.1?arch=src" } } }, { "category": "product_version", "name": "openssl-0:1.0.0-27.el6_4.2.src", "product": { "name": "openssl-0:1.0.0-27.el6_4.2.src", "product_id": "openssl-0:1.0.0-27.el6_4.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.0.0-27.el6_4.2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.i386", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.i686 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.i686", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.ia64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.ppc", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.ppc64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.s390", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.s390x", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.src", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:0.9.8e-26.el5_9.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64" }, "product_reference": "openssl-0:0.9.8e-26.el5_9.1.x86_64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64" }, "product_reference": "openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.i386", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.s390", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:0.9.8e-26.el5_9.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64" }, "product_reference": "openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386" }, "product_reference": "openssl-perl-0:0.9.8e-26.el5_9.1.i386", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64" }, "product_reference": "openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc" }, "product_reference": "openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x" }, "product_reference": "openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:0.9.8e-26.el5_9.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64" }, "product_reference": "openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "relates_to_product_reference": "5Server-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Client-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Server-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.src", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.i686", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.ppc64", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.s390x", "relates_to_product_reference": "6Workstation-optional-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-0:1.0.0-27.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" }, "product_reference": "openssl-static-0:1.0.0-27.el6_4.2.x86_64", "relates_to_product_reference": "6Workstation-optional-6.4.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4929", "discovery_date": "2012-09-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "857051" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS CRIME attack against HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4929" }, { "category": "external", "summary": "RHBZ#857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4929", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" } ], "release_date": "2012-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-04T21:05:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0587" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS CRIME attack against HTTPS" }, { "cve": "CVE-2013-0166", "discovery_date": "2013-02-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "908052" } ], "notes": [ { "category": "description", "text": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: DoS due to improper handling of OCSP response verification", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0166" }, { "category": "external", "summary": "RHBZ#908052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0166", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0166" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0166" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" } ], "release_date": "2013-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-04T21:05:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0587" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: DoS due to improper handling of OCSP response verification" }, { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "907589" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "RHBZ#907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-04T21:05:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "category": "workaround", "details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", "product_ids": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.src", "5Server-5.9.Z:openssl-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.i686", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-debuginfo-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.ppc64", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-devel-0:0.9.8e-26.el5_9.1.x86_64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.i386", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ia64", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.ppc", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.s390x", "5Server-5.9.Z:openssl-perl-0:0.9.8e-26.el5_9.1.x86_64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Client-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Client-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6ComputeNode-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6ComputeNode-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Server-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Server-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.src", "6Workstation-optional-6.4.z:openssl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-debuginfo-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-devel-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-perl-0:1.0.0-27.el6_4.2.x86_64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.i686", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.ppc64", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.s390x", "6Workstation-optional-6.4.z:openssl-static-0:1.0.0-27.el6_4.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: CBC padding timing attack (lucky-13)" } ] }
ghsa-348j-44v2-vwfr
Vulnerability from github
Published
2022-05-14 03:29
Modified
2022-05-14 03:29
Details
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
{ "affected": [], "aliases": [ "CVE-2012-4929" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2012-09-15T18:55:00Z", "severity": "LOW" }, "details": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "id": "GHSA-348j-44v2-vwfr", "modified": "2022-05-14T03:29:55Z", "published": "2022-05-14T03:29:55Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "type": "WEB", "url": "https://chromiumcodereview.appspot.com/10825183" }, { "type": "WEB", "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "type": "WEB", "url": "https://gist.github.com/3696912" }, { "type": "WEB", "url": "https://github.com/mpgn/CRIME-poc" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "type": "WEB", "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "type": "WEB", "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions" }, { "type": "WEB", "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "type": "WEB", "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "type": "WEB", "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "type": "WEB", "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "type": "WEB", "url": "http://news.ycombinator.com/item?id=4510829" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "type": "WEB", "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "type": "WEB", "url": "http://support.apple.com/kb/HT5784" }, { "type": "WEB", "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "type": "WEB", "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "type": "WEB", "url": "http://www.debian.org/security/2012/dsa-2579" }, { "type": "WEB", "url": "http://www.debian.org/security/2013/dsa-2627" }, { "type": "WEB", "url": "http://www.debian.org/security/2015/dsa-3253" }, { "type": "WEB", "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "type": "WEB", "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/55704" }, { "type": "WEB", "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1898-1" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2012-4929
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2012-4929", "description": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "id": "GSD-2012-4929", "references": [ "https://www.suse.com/security/cve/CVE-2012-4929.html", "https://www.debian.org/security/2015/dsa-3253", "https://www.debian.org/security/2013/dsa-2626", "https://www.debian.org/security/2013/dsa-2627", "https://www.debian.org/security/2012/dsa-2579", "https://access.redhat.com/errata/RHSA-2014:0416", "https://access.redhat.com/errata/RHSA-2013:0636", "https://access.redhat.com/errata/RHSA-2013:0587", "https://alas.aws.amazon.com/cve/html/CVE-2012-4929.html", "https://linux.oracle.com/cve/CVE-2012-4929.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2012-4929" ], "details": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "id": "GSD-2012-4929", "modified": "2023-12-13T01:20:14.957620Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SSRT101139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "RHSA-2013:0587", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "name": "DSA-2579", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2579" }, { "name": "https://gist.github.com/3696912", "refsource": "MISC", "url": "https://gist.github.com/3696912" }, { "name": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "refsource": "MISC", "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "name": "FEDORA-2013-4403", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "name": "USN-1898-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "name": "https://chromiumcodereview.appspot.com/10825183", "refsource": "CONFIRM", "url": "https://chromiumcodereview.appspot.com/10825183" }, { "name": "openSUSE-SU-2012:1420", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "name": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "refsource": "MISC", "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "name": "DSA-3253", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3253" }, { "name": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "refsource": "MISC", "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "name": "openSUSE-SU-2013:0157", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "name": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "refsource": "MISC", "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "name": "https://github.com/mpgn/CRIME-poc", "refsource": "MISC", "url": "https://github.com/mpgn/CRIME-poc" }, { "name": "http://news.ycombinator.com/item?id=4510829", "refsource": "MISC", "url": "http://news.ycombinator.com/item?id=4510829" }, { "name": "http://support.apple.com/kb/HT5784", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5784" }, { "name": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "refsource": "MISC", "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "name": "APPLE-SA-2013-06-04-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "name": "JVNDB-2016-000129", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "name": "USN-1627-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "name": "DSA-2627", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2627" }, { "name": "http://code.google.com/p/chromium/issues/detail?id=139744", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "name": "oval:org.mitre.oval:def:18920", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "name": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "refsource": "MISC", "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "name": "55704", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55704" }, { "name": "USN-1628-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "name": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "refsource": "MISC", "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "name": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "refsource": "MISC", "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "name": "http://www.ekoparty.org/2012/thai-duong.php", "refsource": "MISC", "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "name": "openSUSE-SU-2013:0143", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "name": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "refsource": "MISC", "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "name": "HPSBUX02866", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "JVN#65273415", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4929" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-310" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.ekoparty.org/2012/thai-duong.php", "refsource": "MISC", "tags": [], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "name": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "refsource": "MISC", "tags": [], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "name": "http://code.google.com/p/chromium/issues/detail?id=139744", "refsource": "CONFIRM", "tags": [], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "name": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "refsource": "MISC", "tags": [], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "name": "https://chromiumcodereview.appspot.com/10825183", "refsource": "CONFIRM", "tags": [], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "name": "https://gist.github.com/3696912", "refsource": "MISC", "tags": [], "url": "https://gist.github.com/3696912" }, { "name": "http://news.ycombinator.com/item?id=4510829", "refsource": "MISC", "tags": [], "url": "http://news.ycombinator.com/item?id=4510829" }, { "name": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "refsource": "MISC", "tags": [], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "name": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "refsource": "MISC", "tags": [], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "name": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "refsource": "MISC", "tags": [], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "name": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "refsource": "MISC", "tags": [], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "name": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "refsource": "MISC", "tags": [], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "name": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "refsource": "MISC", "tags": [], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "name": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "refsource": "MISC", "tags": [], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "name": "USN-1628-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "name": "openSUSE-SU-2012:1420", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "name": "DSA-2579", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "name": "USN-1627-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "name": "55704", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/55704" }, { "name": "openSUSE-SU-2013:0143", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "name": "openSUSE-SU-2013:0157", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "name": "RHSA-2013:0587", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "name": "DSA-2627", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "name": "http://support.apple.com/kb/HT5784", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT5784" }, { "name": "APPLE-SA-2013-06-04-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "name": "USN-1898-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "name": "FEDORA-2013-4403", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "name": "DSA-3253", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "name": "JVN#65273415", "refsource": "JVN", "tags": [], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "name": "JVNDB-2016-000129", "refsource": "JVNDB", "tags": [], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "name": "SSRT101139", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "oval:org.mitre.oval:def:18920", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "name": "https://github.com/mpgn/CRIME-poc", "refsource": "MISC", "tags": [], "url": "https://github.com/mpgn/CRIME-poc" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false } }, "lastModifiedDate": "2018-04-22T01:29Z", "publishedDate": "2012-09-15T18:55Z" } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.