OpenSSL: Multiple vulnerabilities

OpenSSL: Multiple vulnerabilities Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure. dos June 22, 2015 June 22, 2015: 1 551832 remote 1.0.1o 0.9.8z_p7 1.0.1o

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security as well as a general purpose cryptography library.

Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.

A remote attacker can cause Denial of Service and information disclosure.

There is no known workaround at this time.

All OpenSSL 1.0.1 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1o"

All OpenSSL 0.9.8 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p7"

CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 K_F K_F