My Oracle Support Banner

CVE-2015-0204 - OpenSSL Vulnerability - Patch Availability for Oracle Exalogic Linux Physical and Virtual Racks (Doc ID 2004526.1)

Last updated on OCTOBER 22, 2019

Applies to:

Oracle Exalogic Elastic Cloud Software - Version 2.0.0.0.0 to 2.0.6.2.1
Linux x86-64
Oracle Exalogic Elastic Cloud Software v2.0.0.x
Oracle Exalogic Elastic Cloud Software v2.0.3.x
Oracle Exalogic Elastic Cloud Software v2.0.4.x
Oracle Exalogic Elastic Cloud Software v2.0.6.x

Purpose

This document provides a list of the all the Exalogic Elastic Cloud Software (EECS) releases affected by CVE-2015-0204 (OpenSSL Vulnerability) along with instructions on how to remediate on Compute Nodes and vServers.

NOTE: CVE-2015-0204 vulnerability is fixed in July 2015 PSU 2.0.6.2.2 and later releases.  

The fixes provided through this document remediate the following vulnerabilities on Exalogic:

Oracle Linux 5 (Physical, dom0, and domU):

- CVE-2014-3570
- CVE-2014-3571
- CVE-2014-3572
- CVE-2014-8275
- CVE-2015-0204

Oracle Linux 6 (Physical and domU):

- CVE-2014-3570
- CVE-2014-3571
- CVE-2014-3572
- CVE-2014-8275
- CVE-2015-0204
- CVE-2015-0205
- CVE-2015-0206

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Details
 EXALOGIC BARE METAL DEPLOYMENTS
 COMPUTE NODES RUNNING ORACLE LINUX 5 OR 6
 EXALOGIC VIRTUAL DEPLOYMENTS
 EXALOGIC CONTROL STACK
 EECS 2.0.4.x
 EECS 2.0.6.x
 EXALOGIC GUEST VSERVERS
 ORACLE LINUX 5.x OR 6.x
 COMPUTE NODES RUNNING OVS (DOM0)
 EXALOGIC HYBRID DEPLOYMENTS
 COMPONENTS WITH NO AVAILABLE FIXES
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.