Wind River Support Network

HomeDefectsLIN6-8579
Fixed

LIN6-8579 : Security Advisory - openssl - CVE-2014-3566

Created: Oct 16, 2014    Updated: Dec 3, 2018
Resolved Date: Oct 17, 2014
Previous ID: LIN4-31838
Found In Version: 6.0.0.13
Fix Version: 6.0.0.13
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

Other Downloads


Live chat
Online