Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Fedora 21: 2015-12970 moderate update: erlang poodle tls improvement

fedora
Calendar Grey August 18, 2015
Dist Fedora Esm H88
An update to Erlang addresses CVE-2015-2774, mitigating the POODLE vulnerability in Fedora 21, thereby enhancing the security posture of the software ecosystem.
Security fix for CVE-2015-2774

Summary

Erlang is a general-purpose programming language and runtime

environment. Erlang has built-in support for concurrency, distribution

and fault tolerance. Erlang is used in several large telecommunication

systems from Ericsson.

Update Information:

Security fix for CVE-2015-2774

Change Log

* Wed Aug 5 2015 John Eckersberg - 17.4-4 - Add patch for CVE-2015-2774 - TLS-1.0 POODLE vulnerability (rhbz#1206712) * Wed Jun 17 2015 Fedora Release Engineering - 17.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember - 17.4-2 - Rebuilt for GCC 5 C++11 ABI change * Fri Dec 12 2014 Peter Lemenkov - 17.4-1 - Ver. 17.4 * Mon Dec 1 2014 Peter Lemenkov - 17.3.4-3 - Disable SSLv3 (see rhbz #1169375) * Mon Dec 1 2014 Peter Lemenkov - 17.3.4-2 - Backport useful os:getenv/2 from master (see https://github.com/erlang/otp/pull/535 )

References


[ 1 ] Bug #1206712 - CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation https://bugzilla.redhat.com/show_bug.cgi?id=1206712

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update erlang' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: erlang
Product: Fedora 21
Version: 17.4
Release: 4.fc21
Summary: General-purpose programming language and runtime environment

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.