stable

openssl-1.0.2g-2.fc23

FEDORA-2016-2802690366 created by tmraz 9 years ago for Fedora 23

New upstream release fixing security issues.

Note that SSLv2 was already disabled by default in Fedora OpenSSL.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-2802690366

This update has been submitted for testing by tmraz.

9 years ago

This update has obsoleted openssl-1.0.2g-1.fc23, and has inherited its bugs and notes.

9 years ago

tmraz edited this update.

9 years ago
User Icon ppisar commented & provided feedback 9 years ago
karma

This one looks good, it preserves ABI.

User Icon jorton commented & provided feedback 9 years ago
karma

+1, mod_ssl upstream test suite passes.

This update has been pushed to testing.

9 years ago

This update has been submitted for stable by bodhi.

9 years ago
User Icon anonymous commented & provided feedback 9 years ago

Works well. No issues have noticed

karma: +1

BZ#1313509 openssl-1.0.2g-1.fc23 breaks ABI, missing symbols compared to openssl-1.0.2f-1.fc23

This update has been pushed to stable.

9 years ago
User Icon pjp commented & provided feedback 8 years ago

Its severity needs to be 'High'. It fixes CVE-2016-0800 DROWN issue -> https://openssl.org/news/vulnerabilities.html#y2016 Notes about update should include such information.

User Icon tmraz commented & provided feedback 8 years ago

No, because SSLv2 was already disabled before, this erratum does not really solve DROWN - it was already solved.

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
2
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-2
Stable by Karma
2
Stable by Time
disabled
Dates
submitted
9 years ago
in testing
9 years ago
in stable
9 years ago
modified
9 years ago
Builds
1
openssl-1.0.2g-2.fc23
BZ#1310596 CVE-2016-0705 OpenSSL: Double-free in DSA code
0
0
BZ#1310599 CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation
0
0
BZ#1312219 CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions
0
0
BZ#1312856 CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions [fedora-all]
0
0
BZ#1312860 CVE-2016-0705 OpenSSL: Double-free in DSA code [fedora-all]
0
0
BZ#1313509 openssl-1.0.2g-1.fc23 breaks ABI, missing symbols compared to openssl-1.0.2f-1.fc23
0
1
openssl-1.0.2g-2.fc23

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-ngwjn.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy