This update fixes issues with selection of inappropriate DH parameters, which could lead to encrypted traffic being more easily decrypted than it should be.
The update also adds support for specifying TLSv1.1 and TLSv1.2, and fixes an SUID/SGID directory permission setting regression introduced with an earlier update addressing CVE-2012-6095.
sudo dnf upgrade --advisory=FEDORA-EPEL-2016-bafacd5846
|submitted||3 years ago|
|in testing||3 years ago|
|in stable||3 years ago|
|modified||3 years ago|
|0||0||#1281493 Unable to use TLSv1.1 or TLSv1.2 protocol when TLSProtocol is set to TLSv1|
|0||0||#1297264 Backport fix for handling/propagation of SUID/SGID bits from parent directory|
|0||0||#1317420 CVE-2016-3125 proftpd: usage of 1024 bit DH key even with manual parameters set|
|0||0||#1317422 CVE-2016-3125 proftpd: usage of 1024 bit DH key even with manual parameters set [epel-all]|