Repository 32bit  Forum
Repository 64bit  Wiki
Fri Aug 8 19:02:50 UTC 2014
patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz: Upgraded.
  This update fixes several security issues:
  Double Free when processing DTLS packets (CVE-2014-3505)
  DTLS memory exhaustion (CVE-2014-3506)
  DTLS memory leak from zero-length fragments (CVE-2014-3507)
  Information leak in pretty printing functions (CVE-2014-3508)
  Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
  OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
  OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
  SRP buffer overrun (CVE-2014-3512)
  Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
  For more information, see:
  https://www.openssl.org/news/secadv_20140806.txt
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz: Upgraded.
  (* Security fix *)