Mehrere Probleme in OpenSSL
ID: | FEDORA-2017-3451dbec48 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | Mi, 8. Februar 2017, 07:33 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8610 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732 |
Applikationen: | OpenSSL |
Originalnachricht |
|
Name : openssl Product : Fedora 25 Version : 1.0.2k Release : 1.fc25 URL : http://www.openssl.org/ Summary : Utilities from the general purpose cryptography library with TLS implementation Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. -------------------------------------------------------------------------------- Update Information: Minor upstream release fixing CVE-2016-8610, CVE-2017-3731, CVE-2017-3732. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS https://bugzilla.redhat.com/show_bug.cgi?id=1384743 [ 2 ] Bug #1416856 - CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1416856 [ 3 ] Bug #1416852 - CVE-2017-3731 openssl: Truncated packet could crash via OOB read https://bugzilla.redhat.com/show_bug.cgi?id=1416852 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade openssl' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |