Patch 7249

From Higher Intellect Wiki
Jump to: navigation, search

IRIX Patch 7249: OpenSSL update #2 17-Jan-2013 Green icon equals general availability


This patch replaces the following patches:

   7217 

This patch has no known incompatibilities This patch fixes the following bugs:

   929557 - openssl der_chop script has symlink vulnerability
   956534 - three OpenSSL issues
   956535 - Another OpenSSL issue
   993892 - post-patch7217 OpenSSL security issues
   1029856 - IRIX OpenSSL Security patch request


1.3 Bugs_Fixed_by_Patch_SG0007249

This patch contains fixes for the following bugs in IRIX OpenSSL 0.9.7e. OpenSSL is upgraded to version 0.9.7m. Bug numbers from Silicon Graphics bug tracking system are included for reference.

Patch 7249:

         +o 993892: fixes to following security issues:
           CVE-2008-5077
           CVE-2009-0590
           CVE-2009-0789
           CVE-2009-3555
           CVE-2011-4576
           CVE-2011-4619
           CVE-2012-0884: PKCS#7 part only.
           CVE-2012-2110
           CVE-2012-2131
         +o Replaces and rolls up Patch 7217, which fixes:
              +o 929557: openssl der_chop script has symlink
                vulnerability.  der_chop has been removed.
              +o 956534: fixes to CVE-2006-2937 CVE-2006-3738 CVE-
                2006-4343
              +o 956535: fixes to CVE-2006-2940


Share your opinion