Commit - rpms/openssl - 557439fdfe27c5bc02d14c35f1c435bb28a46c59

rpms / openssl

Overview Files Commits Branches Forks Releases

Monitoring status:

Bugzilla Assignee:

Fedora:: dbelyavs
EPEL:: dbelyavs

`557439f` Multiple security and bug fixes.

Authored and Committed by tmraz 9 years ago

raw patch tree parent

1 file changed. 202 lines added. 0 lines removed.

openssl-1.0.1e-cve-2014-8275.patch

file added

+202

    Multiple security and bug fixes.
    
    - fix CVE-2014-3570 - incorrect computation in BN_sqr()
    - fix CVE-2014-3571 - possible crash in dtls1_get_record()
    - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state
    - fix CVE-2014-8275 - various certificate fingerprint issues
    - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
      ciphersuites and on server
    - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate
    - fix CVE-2015-0206 - possible memory leak when buffering DTLS records
    - add ECC TLS extensions to DTLS (#1119803)
    - do not send ECC ciphersuites in SSLv2 client hello (#1090955)
    - copy digest algorithm when handling SNI context switch

openssl-1.0.1e-cve-2014-8275.patch

file added

+202

rpms / openssl

Source Code

557439f Multiple security and bug fixes.

Authored and Committed by tmraz 9 years ago

`557439f` Multiple security and bug fixes.