Fedora 24: openssl Security Update 2017-e853b4144f
Summary
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Update Information:
Minor upstream release fixing CVE-2016-8610, CVE-2017-3731, CVE-2017-3732.
Change Log
References
[ 1 ] Bug #1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS https://bugzilla.redhat.com/show_bug.cgi?id=1384743 [ 2 ] Bug #1416856 - CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1416856 [ 3 ] Bug #1416852 - CVE-2017-3731 openssl: Truncated packet could crash via OOB read https://bugzilla.redhat.com/show_bug.cgi?id=1416852
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade openssl' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html