-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-00c25b9379 2019-09-25 01:06:52.995851 --------------------------------------------------------------------------------
Name : compat-openssl10 Product : Fedora 30 Version : 1.0.2o Release : 7.fc30 URL : http://www.openssl.org/ Summary : Compatibility version of the OpenSSL library Description : The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1.
-------------------------------------------------------------------------------- Update Information:
Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html -------------------------------------------------------------------------------- ChangeLog:
* Tue Sep 10 2019 Gwyn Ciesla gwync@protonmail.com - 1:1.0.2o-7 - Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559 * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 1:1.0.2o-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1750782 - Update compat-openssl10 to OpenSSL 1.0.2r https://bugzilla.redhat.com/show_bug.cgi?id=1750782 [ 2 ] Bug #1695959 - CVE-2019-1543 compat-openssl10: openssl: ChaCha20-Poly1305 with long nonces [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1695959 [ 3 ] Bug #1683808 - CVE-2019-1559 compat-openssl10: openssl: 0-byte record padding oracle [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1683808 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-00c25b9379' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------