--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-2802690366
2016-03-03 16:39:46.123583
--------------------------------------------------------------------------------

Name        : openssl
Product     : Fedora 23
Version     : 1.0.2g
Release     : 2.fc23
URL         : https://www.openssl.org:443/
Summary     : Utilities from the general purpose cryptography library with TLS implementation
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

--------------------------------------------------------------------------------
Update Information:

New upstream release fixing security issues.  Note that SSLv2 was already
disabled by default in Fedora OpenSSL.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1312219
  [ 2 ] Bug #1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation
        https://bugzilla.redhat.com/show_bug.cgi?id=1310599
  [ 3 ] Bug #1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code
        https://bugzilla.redhat.com/show_bug.cgi?id=1310596
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update openssl' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

Fedora 23: openssl Security Update 2016-2802690366

March 3, 2016
New upstream release fixing security issues

Summary

The OpenSSL toolkit provides support for secure communications between

machines. OpenSSL includes a certificate management tool and shared

libraries which provide various cryptographic algorithms and

protocols.

Update Information:

New upstream release fixing security issues. Note that SSLv2 was already disabled by default in Fedora OpenSSL.

Change Log

References

[ 1 ] Bug #1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions https://bugzilla.redhat.com/show_bug.cgi?id=1312219 [ 2 ] Bug #1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation https://bugzilla.redhat.com/show_bug.cgi?id=1310599 [ 3 ] Bug #1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code https://bugzilla.redhat.com/show_bug.cgi?id=1310596

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : openssl
Product : Fedora 23
Version : 1.0.2g
Release : 2.fc23
URL : https://www.openssl.org:443/
Summary : Utilities from the general purpose cryptography library with TLS implementation

Related News