
CVE-2013-6449

Published: 23/12/2013 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. The function decides whether the TLS 1.2 PRF and record hash algorithms apply, so a server that picks the wrong answer can end up using a hash it did not negotiate and crash. The upstream fix shipped in OpenSSL 1.0.1f (the git commit linked under References); distribution builds listed under Vendor Advisories backport it without changing the reported version string.
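As an added illustration, not part of this advisory or of OpenSSL's own code, the POSIX shell check below classifies an `openssl version` line against the range OpenSSL fixed upstream in 1.0.1f (1.0.1 through 1.0.1e; TLS 1.2 support first appeared in 1.0.1, so earlier releases cannot reach the crash path). The function names and the fallback sample line are this example's own.

```shell
#!/bin/sh
# Added example, not from the advisory or from OpenSSL.
# Upstream-affected range for CVE-2013-6449: OpenSSL 1.0.1 through 1.0.1e
# (TLS 1.2 arrived in 1.0.1; the fix shipped in 1.0.1f).
# Function names are this example's own, not an OpenSSL or distro API.

# Return 0 (true) when a bare version token falls in 1.0.1 .. 1.0.1e.
openssl_affected_by_cve_2013_6449() {
    case "$1" in
        1.0.1|1.0.1[a-e]) return 0 ;;
        *)                return 1 ;;
    esac
}

# Pull the version token out of a full `openssl version` line,
# e.g. "OpenSSL 1.0.1e 11 Feb 2013" -> "1.0.1e".
openssl_version_token() {
    printf '%s\n' "$1" | awk '{ print $2 }'
}

# Classify a full `openssl version` line; prints one of:
#   affected-upstream, not-affected, unknown
classify_openssl_version_line() {
    tok=$(openssl_version_token "$1")
    if [ -z "$tok" ]; then
        echo unknown
        return 0
    fi
    if openssl_affected_by_cve_2013_6449 "$tok"; then
        echo affected-upstream
    else
        echo not-affected
    fi
}

# Usage against the local binary; the fallback line is a constructed sample
# used only when no openssl binary is on PATH.
line=$(openssl version 2>/dev/null || echo "OpenSSL 1.0.1e 11 Feb 2013")
echo "$line -> $(classify_openssl_version_line "$line")"
```

The version string alone is only meaningful for self-built OpenSSL. Vendor builds keep the old token after backporting the fix (the RHEL 6 update in RHSA-2014:0015 still reports 1.0.1e), so on those systems check the package changelog instead, e.g. `rpm -q --changelog openssl | grep -i CVE-2013-6449` on Red Hat derivatives or `zcat /usr/share/doc/openssl/changelog.Debian.gz | grep CVE-2013-6449` on Debian (DSA-2833).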

Vulnerable Products

openssl openssl (no version)
openssl openssl 1.0.0, 1.0.0a, 1.0.0b, 1.0.0c, 1.0.0d, 1.0.0e, 1.0.0f, 1.0.0g, 1.0.0h, 1.0.0i, 1.0.0j
openssl openssl 1.0.1, 1.0.1a, 1.0.1b, 1.0.1c, 1.0.1d

Note: the 1.0.0.x entries are broader than the range the OpenSSL project fixed. TLS 1.2 support first appeared in OpenSSL 1.0.1, so the crash described in the summary is reachable only on 1.0.1 through 1.0.1e (1.0.1e is not in the list above but was affected); the upstream fix is in 1.0.1f.

Vendor Advisories

Several security issues were fixed in OpenSSL ...
Synopsis: Important: rhev-hypervisor6 security update. Type/Severity: Security Advisory: Important. Topic: An updated rhev-hypervisor6 package that fixes multiple security issues is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scor ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerabili ...
Debian Bug report logs - #732754 openssl: CVE-2013-6449: crash when using TLS 1.2. Package: openssl; Maintainer for openssl is Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>; Source for openssl is src:openssl (PTS, buildd, popcon). Reported by: Salvatore Bonaccorso <carnil@debian.org>. Date: Sat, 21 Dec ...
Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this update disables the insecure Dual_EC_DRBG algorithm (which was unused anyway, see marc.info/?l=openssl-announce&m=138747119822324&w=2 for further information) an ...
A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library (CVE-2013-6449). It was discovered that the Datagram Transport Layer Security (DTLS) protocol impleme ...
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client ...

References

CWE-310
https://issues.apache.org/jira/browse/TS-2355
http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
https://bugzilla.redhat.com/show_bug.cgi?id=1045363
http://www.debian.org/security/2014/dsa-2833
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124854.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124833.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124858.html
http://www.securitytracker.com/id/1029548
http://lists.opensuse.org/opensuse-updates/2014-01/msg00012.html
http://www.securityfocus.com/bid/64530
http://lists.opensuse.org/opensuse-updates/2014-01/msg00006.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00009.html
http://www.ubuntu.com/usn/USN-2079-1
http://rhn.redhat.com/errata/RHSA-2014-0015.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html
http://rhn.redhat.com/errata/RHSA-2014-0041.html
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://security.gentoo.org/glsa/glsa-201412-39.xml
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ca989269a2876bae79393bd54c3e72d49975fc75
https://usn.ubuntu.com/2079-1/
https://nvd.nist.gov
https://access.redhat.com/security/cve/cve-2013-6449