openssl 보안 업데이트
업데이트 : 2016.10.02
이름 : openssl-10:1.0.1e-48.an2.3
벤더 : AnNyung Packaging Team
설명 :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
변경사항
- fix CVE-2016-2177 - possible integer overflow
- fix CVE-2016-2178 - non-constant time DSA operations
- fix CVE-2016-2179 - further DoS issues in DTLS
- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()
- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue
- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()
- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check
- fix CVE-2016-6304 - unbound memory growth with OCSP status request
- fix CVE-2016-6306 - certificate message OOB reads
- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to
112 bit effective strength
- replace expired testing certificates
업데이트 패키지
SRPMS:
. openssl-1.0.1e-48.an2.3.src.rpm
x86_64:
. openssl-static-1.0.1e-48.an2.3.x86_64.rpm
. openssl-perl-1.0.1e-48.an2.3.x86_64.rpm
. openssl-1.0.1e-48.an2.3.x86_64.rpm
. openssl-devel-1.0.1e-48.an2.3.x86_64.rpm
i686:
. openssl-devel-1.0.1e-48.an2.3.i686.rpm
. openssl-1.0.1e-48.an2.3.i686.rpm
. openssl-static-1.0.1e-48.an2.3.i686.rpm
. openssl-perl-1.0.1e-48.an2.3.i686.rpm
|