Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 436
Alerts This Week
Warning Icon 1 436

Fedora 23: 2016:2802690366 Moderate: OpenSSL Memory Issues

fedora
Calendar Grey March 3, 2016
Dist Fedora Esm H88
A recent update for Fedora addresses several security vulnerabilities in openssl, including significant problems related to memory handling and double-free errors.
New upstream release fixing security issues

Summary

The OpenSSL toolkit provides support for secure communications between

machines. OpenSSL includes a certificate management tool and shared

libraries which provide various cryptographic algorithms and

protocols.

Update Information:

New upstream release fixing security issues. Note that SSLv2 was already disabled by default in Fedora OpenSSL.

Change Log

References


[ 1 ] Bug #1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions https://bugzilla.redhat.com/show_bug.cgi?id=1312219 [ 2 ] Bug #1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation https://bugzilla.redhat.com/show_bug.cgi?id=1310599 [ 3 ] Bug #1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code https://bugzilla.redhat.com/show_bug.cgi?id=1310596

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: openssl
Product: Fedora 23
Version: 1.0.2g
Release: 2.fc23
Summary: Utilities from the general purpose cryptography library with TLS implementation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.