Bug 309801 (CVE-2007-5135)
| Summary: | CVE-2007-5135 openssl: SSL_get_shared_ciphers() off-by-one | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mark J. Cox <mjc> |
| Component: | vulnerability | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-12 09:47:49 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 309831, 309841, 309851, 309861, 309871, 309881 | ||
| Bug Blocks: | |||
|
Description
Mark J. Cox
2007-09-27 19:39:40 UTC
Note that this issue is only of moderate security severity. Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. In addition this single-byte overflow is not likely to be exploitable which is why the OpenSSL team did not do an immediate fix for this issue. We fixed this issue in Red Hat Enterprise Linux 5 in early Oct 2007 because we had to issue an update to fix a higher severity issue that only affected the RHEL5 OpenSSL. An update to fix this issue is in progress for RHEL2.1 and RHEL3 and will be released when completed (depending on it passing Quality Engineering and the queue of higher severity issues) An update to fix this issue for RHEL4 will be issued after RHEL4.6 is released. The update to correct this issue for RHEL2.1,3,5 have been released. An update to correct this issue for RHEL4 will be made available after the release of update 6 (4.6) |