[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1c-1.fc18

updates at fedoraproject.org updates at fedoraproject.org
Fri Nov 23 07:52:37 UTC 2012


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-18035
2012-11-11 19:44:23
--------------------------------------------------------------------------------

Name        : mingw-openssl
Product     : Fedora 18
Version     : 1.0.1c
Release     : 1.fc18
URL         : http://www.openssl.org/
Summary     : MinGW port of the OpenSSL toolkit
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains Windows (MinGW) libraries and development tools.

--------------------------------------------------------------------------------
Update Information:

Update to 1.0.1c and synced all patches with Fedora openssl-1.0.1c-7.fc19
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #773330 - CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 mingw32-openssl various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=773330
  [ 2 ] Bug #736089 - CVE-2011-3207 mingw32-openssl: CRL verification vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=736089
  [ 3 ] Bug #802817 - CVE-2012-1165 CVE-2012-0884 mingw32-openssl various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=802817
  [ 4 ] Bug #814203 - CVE-2012-2110 mingw32-openssl: asn1_d2i_read_bio integer errors leading to buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=814203
  [ 5 ] Bug #820694 - CVE-2012-2333 openssl: record length handling integer underflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=820694
  [ 6 ] Bug #846213 - CVE-2011-3207 mingw-openssl: CRL verification vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=846213
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mingw-openssl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list