Univention Bugzilla – Bug 37493
openssl: Multiple issues (3.2)
Last modified: 2015-01-13 12:43:22 CET
Denial of service in DTLS (2014-3571)
ECDHE can be downgraded to ECDH, resulting in a loss of forward secrecy (CVE-2014-3572)
Weaker RSA keys can be negotiated (CVE-2015-0204)
AFAICS these can only be exploited by a malicious server.
Certificate fingerprints can be modified (CVE-2014-8275)
Bignum squaring may produce incorrect results (CVE-2014-3570)
A fixed package has been built. Tests were successful. ucs-test also passed for the modules base, ldap and samba. YAML file: 2015-01-12-openssl.yaml
Tests: OK Advisory: OK
http://errata.univention.de/ucs/3.2/272.html