Fedora 22: 2016-e6807b3394 Critical OpenSSL Memory Attack Fix
fedora
March 13, 2016
New upstream release fixing security issues
Summary
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Update Information:
New upstream release fixing security issues. Note that SSLv2 was already disabled by default in Fedora OpenSSL.
Topics Covered
Change Log
References
[ 1 ] Bug #1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions
https://bugzilla.redhat.com/show_bug.cgi?id=1312219
[ 2 ] Bug #1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation
https://bugzilla.redhat.com/show_bug.cgi?id=1310599
[ 3 ] Bug #1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code
https://bugzilla.redhat.com/show_bug.cgi?id=1310596
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: openssl
Product: Fedora 22
Version: 1.0.1k
Release: 14.fc22
Summary: Utilities from the general purpose cryptography library with TLS implementation
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!