rhsa-2015_0800
Vulnerability from csaf_redhat
Published
2015-04-13 11:54
Modified
2024-11-05 18:50
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated openssl packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
It was discovered that OpenSSL would accept ephemeral RSA keys when using
non-export RSA cipher suites. A malicious server could make a TLS/SSL
client using OpenSSL use a weaker key exchange method. (CVE-2015-0204)
An integer underflow flaw, leading to a buffer overflow, was found in the
way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to
make an application using OpenSSL decode a specially crafted Base64-encoded
input (such as a PEM file) could use this flaw to cause the application to
crash. Note: this flaw is not exploitable via the TLS/SSL protocol because
the data being transferred is not Base64-encoded. (CVE-2015-0292)
A denial of service flaw was found in the way OpenSSL handled SSLv2
handshake messages. A remote attacker could use this flaw to cause a
TLS/SSL server using OpenSSL to exit on a failed assertion if it had both
the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)
Multiple flaws were found in the way OpenSSL parsed X.509 certificates.
An attacker could use these flaws to modify an X.509 certificate to produce
a certificate with a different fingerprint without invalidating its
signature, and possibly bypass fingerprint-based blacklisting in
applications. (CVE-2014-8275)
An out-of-bounds write flaw was found in the way OpenSSL reused certain
ASN.1 structures. A remote attacker could possibly use a specially crafted
ASN.1 structure that, when parsed by an application, would cause that
application to crash. (CVE-2015-0287)
A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate
handling implementation. A specially crafted X.509 certificate could cause
an application using OpenSSL to crash if the application attempted to
convert the certificate to a certificate request. (CVE-2015-0288)
A NULL pointer dereference was found in the way OpenSSL handled certain
PKCS#7 inputs. An attacker able to make an application using OpenSSL
verify, decrypt, or parse a specially crafted PKCS#7 input could cause that
application to crash. TLS/SSL clients and servers using OpenSSL were not
affected by this flaw. (CVE-2015-0289)
Red Hat would like to thank the OpenSSL project for reporting
CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and
CVE-2015-0293. Upstream acknowledges Emilia Käsper of the OpenSSL
development team as the original reporter of CVE-2015-0287, Brian Carpenter
as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the
original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the
original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia
Käsper of the OpenSSL development team as the original reporters of
CVE-2015-0293.
All openssl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. For the update to take
effect, all services linked to the OpenSSL library must be restarted, or
the system rebooted.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the\nway OpenSSL decoded malformed Base64-encoded inputs. An attacker able to\nmake an application using OpenSSL decode a specially crafted Base64-encoded\ninput (such as a PEM file) could use this flaw to cause the application to\ncrash. Note: this flaw is not exploitable via the TLS/SSL protocol because\nthe data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had both\nthe SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates.\nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain\nASN.1 structures. A remote attacker could possibly use a specially crafted\nASN.1 structure that, when parsed by an application, would cause that\napplication to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL\u0027s X.509 certificate\nhandling implementation. A specially crafted X.509 certificate could cause\nan application using OpenSSL to crash if the application attempted to\nconvert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. An attacker able to make an application using OpenSSL\nverify, decrypt, or parse a specially crafted PKCS#7 input could cause that\napplication to crash. TLS/SSL clients and servers using OpenSSL were not\naffected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting \nCVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and \nCVE-2015-0293. Upstream acknowledges Emilia K\u00e4sper of the OpenSSL \ndevelopment team as the original reporter of CVE-2015-0287, Brian Carpenter \nas the original reporter of CVE-2015-0288, Michal Zalewski of Google as the \noriginal reporter of CVE-2015-0289, Robert Dugal and David Ramos as the \noriginal reporters of CVE-2015-0292, and Sean Burford of Google and Emilia \nK\u00e4sper of the OpenSSL development team as the original reporters of \nCVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:0800",
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv_20150108.txt",
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv_20150319.txt",
"url": "https://www.openssl.org/news/secadv_20150319.txt"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "1180184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180184"
},
{
"category": "external",
"summary": "1180187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180187"
},
{
"category": "external",
"summary": "1202380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202380"
},
{
"category": "external",
"summary": "1202384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202384"
},
{
"category": "external",
"summary": "1202395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202395"
},
{
"category": "external",
"summary": "1202404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202404"
},
{
"category": "external",
"summary": "1202418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202418"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0800.json"
}
],
"title": "Red Hat Security Advisory: openssl security update",
"tracking": {
"current_release_date": "2024-11-05T18:50:42+00:00",
"generator": {
"date": "2024-11-05T18:50:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2015:0800",
"initial_release_date": "2015-04-13T11:54:05+00:00",
"revision_history": [
{
"date": "2015-04-13T11:54:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-04-13T11:54:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T18:50:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.ia64",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.ia64",
"product_id": "openssl-0:0.9.8e-33.el5_11.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"product": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"product_id": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-33.el5_11?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=i686"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.i686",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.i686",
"product_id": "openssl-0:0.9.8e-33.el5_11.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.i386",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.i386",
"product_id": "openssl-0:0.9.8e-33.el5_11.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"product": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"product_id": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-33.el5_11?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"product": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"product_id": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-33.el5_11?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.x86_64",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.x86_64",
"product_id": "openssl-0:0.9.8e-33.el5_11.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.src",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.src",
"product_id": "openssl-0:0.9.8e-33.el5_11.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.s390",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.s390",
"product_id": "openssl-0:0.9.8e-33.el5_11.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"product": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"product_id": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-33.el5_11?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.s390x",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.s390x",
"product_id": "openssl-0:0.9.8e-33.el5_11.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.ppc",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc",
"product_id": "openssl-0:0.9.8e-33.el5_11.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"product": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"product_id": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@0.9.8e-33.el5_11?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-0:0.9.8e-33.el5_11.ppc64",
"product": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc64",
"product_id": "openssl-0:0.9.8e-33.el5_11.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@0.9.8e-33.el5_11?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"product": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"product_id": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@0.9.8e-33.el5_11?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"product": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"product_id": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@0.9.8e-33.el5_11?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.src",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.src",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.src",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.i386",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ia64",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.ppc",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.s390x",
"relates_to_product_reference": "5Server-5.11.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-0:0.9.8e-33.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
},
"product_reference": "openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"relates_to_product_reference": "5Server-5.11.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-8275",
"discovery_date": "2015-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1180187"
}
],
"notes": [
{
"category": "description",
"text": "Multiple flaws were found in the way OpenSSL parsed X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Fix various certificate fingerprint issues",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of openssl098e as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this issue as having Low security impact and does not plan to address this flaw for the above components in any future security updates.\n\nThis issue affects the version of openssl097a as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-8275"
},
{
"category": "external",
"summary": "RHBZ#1180187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8275"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv_20150108.txt",
"url": "https://www.openssl.org/news/secadv_20150108.txt"
}
],
"release_date": "2015-01-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Fix various certificate fingerprint issues"
},
{
"cve": "CVE-2015-0204",
"cwe": {
"id": "CWE-757",
"name": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)"
},
"discovery_date": "2015-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1180184"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects versions of openssl as shipped with Red Hat Enterprise Linux 5, 6 and 7. Errata have been released to correct this issue.\n\nThis issue affects the version of openssl098e as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact and does not plan to address this flaw for the openssl098e component in any future security updates.\n\nThis issue affects the version of openssl097a as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0204"
},
{
"category": "external",
"summary": "RHBZ#1180184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180184"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0204",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0204"
},
{
"category": "external",
"summary": "https://securityblog.redhat.com/2015/03/04/factoring-rsa-export-keys-freak-cve-2015-0204/",
"url": "https://securityblog.redhat.com/2015/03/04/factoring-rsa-export-keys-freak-cve-2015-0204/"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv_20150108.txt",
"url": "https://www.openssl.org/news/secadv_20150108.txt"
}
],
"release_date": "2015-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)"
},
{
"acknowledgments": [
{
"names": [
"OpenSSL project"
]
},
{
"names": [
"Emilia K\u00e4sper"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-0287",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2015-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1202380"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: ASN.1 structure reuse memory corruption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0287"
},
{
"category": "external",
"summary": "RHBZ#1202380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0287",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0287"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "https://openssl.org/news/secadv_20150319.txt",
"url": "https://openssl.org/news/secadv_20150319.txt"
}
],
"release_date": "2015-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: ASN.1 structure reuse memory corruption"
},
{
"acknowledgments": [
{
"names": [
"OpenSSL project"
]
},
{
"names": [
"Brian Carpenter"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-0288",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2015-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1202418"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in OpenSSL\u0027s X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X509_to_X509_REQ NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0288"
},
{
"category": "external",
"summary": "RHBZ#1202418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0288",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0288"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "https://openssl.org/news/secadv_20150319.txt",
"url": "https://openssl.org/news/secadv_20150319.txt"
}
],
"release_date": "2015-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: X509_to_X509_REQ NULL pointer dereference"
},
{
"acknowledgments": [
{
"names": [
"OpenSSL project"
]
},
{
"names": [
"Michal Zalewski"
],
"organization": "Google",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-0289",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2015-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1202384"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: PKCS7 NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0289"
},
{
"category": "external",
"summary": "RHBZ#1202384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202384"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0289"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "https://openssl.org/news/secadv_20150319.txt",
"url": "https://openssl.org/news/secadv_20150319.txt"
}
],
"release_date": "2015-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: PKCS7 NULL pointer dereference"
},
{
"acknowledgments": [
{
"names": [
"OpenSSL project"
]
},
{
"names": [
"Robert Dugal",
"David Ramos"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-0292",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2015-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1202395"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer underflow leading to buffer overflow in base64 decoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0292"
},
{
"category": "external",
"summary": "RHBZ#1202395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202395"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0292",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0292"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "https://openssl.org/news/secadv_20150319.txt",
"url": "https://openssl.org/news/secadv_20150319.txt"
}
],
"release_date": "2015-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: integer underflow leading to buffer overflow in base64 decoding"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Emilia K\u00e4sper"
],
"organization": "the OpenSSL development team",
"summary": "Acknowledged by upstream."
},
{
"names": [
"Sean Burford"
],
"organization": "Google",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-0293",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2015-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1202404"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: assertion failure in SSLv2 servers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-0293"
},
{
"category": "external",
"summary": "RHBZ#1202404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-0293",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0293"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/1384453",
"url": "https://access.redhat.com/articles/1384453"
},
{
"category": "external",
"summary": "https://openssl.org/news/secadv_20150319.txt",
"url": "https://openssl.org/news/secadv_20150319.txt"
}
],
"release_date": "2015-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: assertion failure in SSLv2 servers"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"David Adrian",
"J. Alex Halderman"
],
"organization": "University of Michigan",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0703",
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310811"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Divide-and-conquer session key recovery in SSLv2",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0703"
},
{
"category": "external",
"summary": "RHBZ#1310811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310811"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0703",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0703"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0703",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0703"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160301.txt",
"url": "https://www.openssl.org/news/secadv/20160301.txt"
}
],
"release_date": "2016-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Divide-and-conquer session key recovery in SSLv2"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"David Adrian",
"J. Alex Halderman"
],
"organization": "University of Michigan",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0704",
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310814"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0704"
},
{
"category": "external",
"summary": "RHBZ#1310814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0704",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0704"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160301.txt",
"url": "https://www.openssl.org/news/secadv/20160301.txt"
}
],
"release_date": "2016-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-04-13T11:54:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:0800"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Client-Workstation-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Client-Workstation-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.src",
"5Server-5.11.Z:openssl-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.i686",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-debuginfo-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.ppc64",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-devel-0:0.9.8e-33.el5_11.x86_64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.i386",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ia64",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.ppc",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.s390x",
"5Server-5.11.Z:openssl-perl-0:0.9.8e-33.el5_11.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.