Name : openssl Product : Fedora 21 Version : 1.0.1k Release : 6.fc21 URL : http://www.openssl.org/ Summary : Utilities from the general purpose cryptography library with TLS implementation Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.
* Thu Mar 19 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-6 - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0293 - triggerable assert in SSLv2 server * Mon Mar 16 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-5 - fix bug in the CRYPTO_128_unwrap() * Fri Feb 27 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-4 - fix bug in the RFC 5649 support (#1185878) * Sat Feb 21 2015 Till Maas <opensource@till.name> - 1:1.0.1k-3 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Thu Jan 15 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-2 - test in the non-FIPS RSA keygen for minimal distance of p and q similarly to the FIPS RSA keygen * Fri Jan 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-1 - new upstream release fixing multiple security issues * Tue Oct 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1j-2 - update the FIPS RSA keygen to be FIPS 186-4 compliant ------------------------------------------------------------------------------- - References:
This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.