Fedora 20: async-http-client Security Update
Summary
Async Http Client library purpose is to allow Java applications to
easily execute HTTP requests and asynchronously process the HTTP
responses. The Async HTTP Client library is simple to use.
Update Information:
Security fix for CVE-2013-7398, CVE-2013-7397
Change Log
* Fri Apr 24 2015 Michal Srb
References
[ 1 ] Bug #1133773 - CVE-2013-7398 async-http-client: missing hostname verification for SSL certificates https://bugzilla.redhat.com/show_bug.cgi?id=1133773 [ 2 ] Bug #1133769 - CVE-2013-7397 async-http-client: SSL/TLS certificate verification is disabled under certain conditions https://bugzilla.redhat.com/show_bug.cgi?id=1133769
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update async-http-client' at the command line. For more information, refer to "Managing Software with yum", available at .