Fedora 21: openssl Security Update 2015-10108
Summary
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Update Information:
Multiple moderate and low impact security issues fixed.
Change Log
* Mon Jun 15 2015 Tomáš Mráz
References
[ 1 ] Bug #1228603 - CVE-2015-1789 OpenSSL: out-of-bounds read in X509_cmp_time https://bugzilla.redhat.com/show_bug.cgi?id=1228603 [ 2 ] Bug #1228604 - CVE-2015-1790 OpenSSL: PKCS7 crash with missing EnvelopedContent https://bugzilla.redhat.com/show_bug.cgi?id=1228604 [ 3 ] Bug #1228607 - CVE-2015-1792 OpenSSL: CMS verify infinite loop with unknown hash function https://bugzilla.redhat.com/show_bug.cgi?id=1228607 [ 4 ] Bug #1228608 - CVE-2015-1791 OpenSSL: Race condition handling NewSessionTicket https://bugzilla.redhat.com/show_bug.cgi?id=1228608
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .