OpenSSL: Multiple vulnerabilities

OpenSSL: Multiple vulnerabilities Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure. dos 2015-06-22 2016-02-26 551832 remote 1.0.1o 0.9.8z_p7 0.9.8z_p8 0.9.8z_p9 0.9.8z_p10 0.9.8z_p11 0.9.8z_p12 0.9.8z_p13 0.9.8z_p14 0.9.8z_p15 1.0.1o

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security as well as a general purpose cryptography library.

Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.

A remote attacker can cause Denial of Service and information disclosure.

There is no known workaround at this time.

All OpenSSL 1.0.1 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1o"

All OpenSSL 0.9.8 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p7"

CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 K_F K_F