CVE-2013-4353

Published: 09/01/2014 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 prior to 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.

Vulnerable Product

openssl openssl 1.0.1

openssl openssl 1.0.1c

openssl openssl 1.0.1a

openssl openssl 1.0.1d

openssl openssl 1.0.1b

openssl openssl 1.0.1e

Vendor Advisories

Several security issues were fixed in OpenSSL ...
Synopsis: Important: rhev-hypervisor6 security update. Type/Severity: Security Advisory: Important. Topic: An updated rhev-hypervisor6 package that fixes multiple security issues is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scor ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerabili ...
Debian Bug report logs - #732754 openssl: CVE-2013-6449: crash when using TLS 1.2. Package: openssl; Maintainer for openssl is Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>; Source for openssl is src:openssl. Reported by: Salvatore Bonaccorso <carnil@debian.org>. Date: Sat, 21 Dec ...
Anton Johansson discovered that an invalid TLS handshake package could crash OpenSSL with a NULL pointer dereference. The oldstable distribution (squeeze) is not affected. For the stable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u3. For the unstable distribution (sid), this problem has been fixed in version 1.0.1f-1 ...
A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library (CVE-2013-6449). It was discovered that the Datagram Transport Layer Security (DTLS) protocol impleme ...
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake ...