openssl

Security update for OpenSSL

Security update for OpenSSL

A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as "parasitic public keys" have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 and CVE-2006-4343. A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as "parasitic public keys" have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 and CVE-2006-4343. security openssl i586 e86b8c77073e20d64cfbaadf30f1f51134a8145e openssl-devel i586 aeb5db5129ffa991ada30f23621b29430ba7d01c