[SECURITY] Fedora 21 Update: mingw-openssl-1.0.2a-1.fc21

updates at fedoraproject.org updates at fedoraproject.org
Mon May 4 15:27:35 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6855
2015-04-26 07:27:25
--------------------------------------------------------------------------------

Name        : mingw-openssl
Product     : Fedora 21
Version     : 1.0.2a
Release     : 1.fc21
URL         : http://www.openssl.org/
Summary     : MinGW port of the OpenSSL toolkit
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains Windows (MinGW) libraries and development tools.

--------------------------------------------------------------------------------
Update Information:

Update to OpenSSL 1.0.2a which fixes various CVE's
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 24 2015 Erik van Pienbroek <epienbro at fedoraproject.org> - 1.0.2a-1
- Synced with native openssl-1.0.2a-1.fc23
- Fixes various CVE's (RHBZ #1203855 #1203856)
* Mon Dec 22 2014 Erik van Pienbroek <epienbro at fedoraproject.org> - 1.0.1j-1
- Synced with native openssl-1.0.1j-3.fc22
- Add support for RFC 5649
- Prevent compiler warning "Please include winsock2.h before windows.h"
  when using the OpenSSL headers
- Fixes various CVE's (RHBZ #1127889 #1127709 #1152851)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203855 - CVE-2015-0209 CVE-2015-0293 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 mingw-openssl: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1203855
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update mingw-openssl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list