You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa okio

Sigurnosni nedostaci programskog paketa okio

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-02-29 18:03:52.031144

Name : okio
Product : Fedora 23
Version : 1.6.0
Release : 1.fc23
Summary : Java I/O library
Description :
Okio is a new library that complements and java.nio to make it
much easier to access, store, and process data.

Update Information:

This update fixes a security vulnerability which allows an attacker to bypass
certificate pinning and cause OkHttp not not to validate that the pinned
certificate was in the chain to a trusted certificate authority.

[ 1 ] Bug #1308851 – CVE-2016-2402 okhttp: certificate pining bypass

This update can be installed with the “yum” update program. Use
su -c ‘yum update okio’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2016-03-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa rubygem-activesupport

Otkriveni su sigurnosni nedostaci u programskom paketu rubygem-activesupport za operativni sustav Fedora 22. Otkriveni nedostaci potencijalnim napadačima omogućuju zaobilazak koraka...