Wind River Support Network

HomeDefectsLIN6-8579

Fixed

LIN6-8579 : Security Advisory - openssl - CVE-2014-3566

Created: Oct 16, 2014 Updated: Dec 3, 2018

Resolved Date: Oct 17, 2014

Previous ID: LIN4-31838

Found In Version: 6.0.0.13

Fix Version: 6.0.0.13

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38