Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2015:0026-01

Overview

Id RHBA-2015:0026-01
Name Red Hat 2015:0026-01 RHBA openssl bug fix update for RHEL 5 x86_64
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Language(s)
Operating System(s) Linux 
Released On 12 Jan 2015 12:00:00

RHBA-2015:0026-01

Red Hat 2015:0026-01 RHBA openssl bug fix update for RHEL 5 x86_64

Vendor Name

red_hat

Product

None

Released On

12 Jan 2015 12:00:00

Url

https://rhn.redhat.com/errata/RHBA-2015-0026.html

Description

LSAC(v2)
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. This update fixes the following bug: * Prior to this update, the certificate store access in the OpenSSL library was not properly locked against simultaneous accesses in multithreaded applications. As a consequence, the httpd daemon running in multithreaded mode could break the https service when two threads accessed the certificate store simultaneously. With this update, the certificate store access in OpenSSL is now locked properly, and the httpd daemon providing the https service can now properly work in the described situation. (BZ#1168938) Users of openssl are advised to upgrade to these updated packages, which fix this bug. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:20:29