[SECURITY] Fedora 27 Update: openssl-1.1.0i-1.fc27

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-02a38af202 2018-10-02 15:02:33.025994 -------------------------------------------------------------------------------- Name : openssl Product : Fedora 27 Version : 1.1.0i Release : 1.fc27 URL : http://www.openssl.org/ Summary : Utilities from the general purpose cryptography library with TLS implementation Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. -------------------------------------------------------------------------------- Update Information: Update to 1.1.0i version from upstream fixing minor security issues. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 20 2018 Tom���� Mr��z <tmraz(a)redhat.com&gt; 1.1.0i-1 - update to upstream version 1.1.0i * Tue Apr 3 2018 Tom���� Mr��z <tmraz(a)redhat.com&gt; 1.1.0h-3 - fix regression of c_rehash (#1562953) * Thu Mar 29 2018 Tom���� Mr��z <tmraz(a)redhat.com&gt; 1.1.0h-1 - update to upstream version 1.1.0h - apply RPM_LD_FLAGS properly (#1541033) - silence the .rnd write failure as that is auxiliary functionality (#1524833) * Fri Nov 3 2017 Tom���� Mr��z <tmraz(a)redhat.com&gt; 1.1.0g-1 - update to upstream version 1.1.0g -------------------------------------------------------------------------------- References: [ 1 ] Bug #1568256 - CVE-2018-0737 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1568256 [ 2 ] Bug #1591101 - CVE-2018-0732 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1591101 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-02a38af202' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------