Scientific Linux Security Update : openssl on SL5.x i386/x86_64
Medium Nessus Plugin ID 87401
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195)
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
SolutionUpdate the affected packages.