FEDORA-2016-05c567df1a

security update in Fedora 23 for openssl

Status: stable 3 years ago

Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106

How to install

sudo dnf upgrade --advisory=FEDORA-2016-05c567df1a

Comments 8

This update has been submitted for testing by tmraz.

Works for me.

karma: +1

no regressions in internal tests, deployed to production servers

karma: +1 critpath: +1

This update has been pushed to testing.

This update has been submitted for stable by bodhi.

No issues noted in dependent applications.

karma: +1 critpath: +1

Working well on a few high-traffic websites.

karma: +1 critpath: +1 #1331426: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
+4
stable threshold: 2
unstable threshold: -2
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 5

00 #1331402 CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder
0+1 #1331426 CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check
00 #1331441 CVE-2016-2105 openssl: EVP_EncodeUpdate overflow
00 #1331536 CVE-2016-2106 openssl: EVP_EncryptUpdate overflow
00 #1332588 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 openssl: various flaws [fedora-all]

Automated Test Results