Fedora 24: openssl Security Update 2016-1411324654
Summary
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Update Information:
Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106
Change Log
References
[ 1 ] Bug #1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow https://bugzilla.redhat.com/show_bug.cgi?id=1331536 [ 2 ] Bug #1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow https://bugzilla.redhat.com/show_bug.cgi?id=1331441 [ 3 ] Bug #1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check https://bugzilla.redhat.com/show_bug.cgi?id=1331426 [ 4 ] Bug #1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder https://bugzilla.redhat.com/show_bug.cgi?id=1331402
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at .
![Dist Fedora](/images/distros/dist-fedora.gif)