--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-fcc91a28e8
2020-04-26 02:50:39.140636
--------------------------------------------------------------------------------
Name : openssl
Product : Fedora 32
Version : 1.1.1g
Release : 1.fc32
URL :
http://www.openssl.org/
Summary : Utilities from the general purpose cryptography library with TLS
implementation
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.1g from upstream fixing possible remote DoS security
issue.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 23 2020 Tom���� Mr��z <tmraz(a)redhat.com> 1.1.1g-1
- update to the 1.1.1g release
* Tue Apr 7 2020 Tom���� Mr��z <tmraz(a)redhat.com> 1.1.1f-1
- update to the 1.1.1f release
* Thu Mar 26 2020 Tom���� Mr��z <tmraz(a)redhat.com> 1.1.1e-2
- revert the unexpected EOF error reporting change as it is
too disruptive for the stable release branch
* Fri Mar 20 2020 Tom���� Mr��z <tmraz(a)redhat.com> 1.1.1e-1
- update to the 1.1.1e release
- add selftest of the RAND_DRBG implementation
- fix incorrect error return value from FIPS_selftest_dsa
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1781004 - CVE-2019-1551 openssl: Integer overflow in RSAZ modular
exponentiation on x86_64 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1781004
[ 2 ] Bug #1814314 - openssl-1.1.1g is available
https://bugzilla.redhat.com/show_bug.cgi?id=1814314
[ 3 ] Bug #1826338 - CVE-2020-1967 openssl: Segmentation fault in SSL_check_chain causes
denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1826338
[ 4 ] Bug #1827149 - Please provide openssl 1.1.1g
https://bugzilla.redhat.com/show_bug.cgi?id=1827149
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-fcc91a28e8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------