Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Fedora 23 Security Advisory: 2015-605de37b7f Moderate OpenSSL Issues

fedora
Calendar Grey December 6, 2015
Dist Fedora Esm H88
Significant security enhancement for Fedora 23 openssl, optimizing performance with elliptic curve functionality. Addresses vital security vulnerabilities.
Moderate security issues fixed in this update

Summary

The OpenSSL toolkit provides support for secure communications between

machines. OpenSSL includes a certificate management tool and shared

libraries which provide various cryptographic algorithms and

protocols.

Update Information:

Moderate security issues fixed in this update. Faster handling of some common elliptic curves enabled on 64 bit architectures. Improved Makefile.certificate to not use serial number 0 by default.

Change Log

References


[ 1 ] Bug #1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak https://bugzilla.redhat.com/show_bug.cgi?id=1288322 [ 2 ] Bug #1288320 - CVE-2015-3194 OpenSSL: Certificate verify crash with missing PSS parameter https://bugzilla.redhat.com/show_bug.cgi?id=1288320 [ 3 ] Bug #1288317 - CVE-2015-3193 OpenSSL: BN_mod_exp may produce incorrect results on x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1288317

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: openssl
Product: Fedora 23
Version: 1.0.2e
Release: 1.fc23
Summary: Utilities from the general purpose cryptography library with TLS implementation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.