User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2011-12281 (openssl)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 14 Update: openssl-1.0.0e-1.fc14
Date:  Sat, 10 Sep 2011 23:55:13 +0000
Message-ID:  <20110910235513.9DFF1E720F@smtp-mm02.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-12281 2011-09-08 06:37:53 -------------------------------------------------------------------------------- Name : openssl Product : Fedora 14 Version : 1.0.0e Release : 1.fc14 URL : http://www.openssl.org/ Summary : A general purpose cryptography library with TLS implementation Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. -------------------------------------------------------------------------------- Update Information: New upstream release fixing CVE-2011-3207 and a few other minor bugs. It also improves performance of AES, SHA1 and RC4 on new Intel CPUs and enables VIA Padlock HW acceleration support on 64 bit architecture. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 7 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0e-1 - new upstream release fixing CVE-2011-3207 (#736088) * Wed Aug 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-8 - drop the separate engine for Intel acceleration improvements and merge in the AES-NI, SHA1, and RC4 optimizations - add support for OPENSSL_DISABLE_AES_NI environment variable that disables the AES-NI support * Tue Jul 26 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-7 - correct openssl cms help output (#636266) - more tolerant starttls detection in XMPP protocol (#608239) * Wed Jul 20 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-6 - add support for newest Intel acceleration improvements backported from upstream by Intel in form of a separate engine * Thu Jun 9 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-5 - allow the AES-NI engine in the FIPS mode * Tue May 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-4 - add API necessary for CAVS testing of the new DSA parameter generation * Thu Apr 28 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-3 - add support for VIA Padlock on 64bit arch from upstream (#617539) - do not return bogus values from load_certs (#652286) * Tue Apr 5 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-2 - clarify apps help texts for available digest algorithms (#693858) * Thu Feb 10 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-1 - new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability) * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0c-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Fri Feb 4 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0c-3 - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable to allow using MD5 when the system is in the maintenance state even if the /proc fips flag is on - make openssl pkcs12 command work by default in the FIPS mode * Mon Jan 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0c-2 - listen on ipv6 wildcard in s_server so we accept connections from both ipv4 and ipv6 (#601612) - fix openssl speed command so it can be used in the FIPS mode with FIPS allowed ciphers * Fri Dec 3 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0c-1 - new upstream version fixing CVE-2010-4180 * Tue Nov 23 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0b-3 - replace the revert for the s390x bignum asm routines with fix from upstream * Mon Nov 22 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0b-2 - revert upstream change in s390x bignum asm routines * Tue Nov 16 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0b-1 - new upstream version fixing CVE-2010-3864 (#649304) * Tue Sep 7 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0a-3 - make SHLIB_VERSION reflect the library suffix -------------------------------------------------------------------------------- References: [ 1 ] Bug #736088 - CVE-2011-3207 openssl: CRL verification vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=736088 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds