Site Navigation:
security mingw-openssl-1.0.1e-5.fc20 security update
Status:stable
Release: Fedora 20
Update ID: FEDORA-2014-1567
Builds: mingw-openssl-1.0.1e-5.fc20 (logs)
Pushed: True
Date Submitted: 2014-01-25 22:39:56
Date Released: 2014-01-26 11:14:02
Submitter: epienbro
Karma: 1
Stable karma: 1
Unstable karma: -3
Details

Synced patches with native openssl-1.0.1e-38.fc21 which fixes various CVE's and also enables ECC support

Bugs Fixed
1037919 - RFE: Enable Fedora-supported ECC algorithms
1047844 - CVE-2013-6450: mingw-openssl: openssl: MiTM due to improper implementation of DTLS retransmission [fedora-all]
1049062 - CVE-2013-4353: mingw-openssl: openssl: TLS record tampering issue can lead to OpenSSL crash [fedora-all]
1045444 - CVE-2013-6449: mingw-openssl: openssl: crash when using TLS 1.2 [fedora-all]
Feedback
bodhi - 2014-01-25 22:40:13
This update has been submitted for testing by epienbro.
autoqa - 2014-01-25 22:47:19
AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/1bow7 (results are informative only)
autoqa - 2014-01-25 22:47:22
AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/1bow8 (results are informative only)
bodhi - 2014-01-26 04:50:46
This update is currently being pushed to the Fedora 20 testing updates repository.
bodhi - 2014-01-26 11:55:29
This update has been pushed to testing
mooninite - 2014-01-27 05:05:55
No regressions seen. ECC is enabled.
bodhi - 2014-01-27 05:05:59
This update has reached the stable karma threshold and will be pushed to the stable updates repository
autoqa - 2014-01-27 05:13:17
AutoQA: upgradepath test PASSED on noarch. Result log: http://autoqa.fedoraproject.org/report/1bpjb (results are informative only)
bodhi - 2014-01-27 16:19:15
This update is currently being pushed to the Fedora 20 stable updates repository.
bodhi - 2014-01-28 04:43:56
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters