FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openssl -- multiple vulnerabilities

Affected packages
		openssl	<	1.0.1_9

Details

VuXML ID	5aaa257e-772d-11e3-a65a-3c970e169bc2
Discovery	2014-01-06
Entry	2014-01-06
Modified	2016-08-09

OpenSSL development team reports:

Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]:

Fix for TLS record tampering bug [CVE-2013-4353]

Fix for TLS version checking bug [CVE-2013-6449]

Fix for DTLS retransmission bug [CVE-2013-6450]

[source]

References

CVE Name	CVE-2013-4353
CVE Name	CVE-2013-6449
CVE Name	CVE-2013-6450
FreeBSD Advisory	SA-14:03.openssl
URL	http://www.openssl.org/news/openssl-1.0.1-notes.html