Wind River Support Network

HomeDefectsLIN6-11762

Fixed

LIN6-11762 : Security Advisory - openssl - CVE-2016-6304

Created: Sep 22, 2016 Updated: Dec 3, 2018

Resolved Date: Sep 22, 2016

Found In Version: 6.0.0.30

Fix Version: 6.0.0.31

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

Security Notices

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016

Other Downloads

Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38