You are here
Home > Preporuke > Višestruke ranjivosti programskog paketa mingw-openssl

Višestruke ranjivosti programskog paketa mingw-openssl

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-05-20 17:33:01.140173

Name : mingw-openssl
Product : Fedora 23
Version : 1.0.2h
Release : 1.fc23
Summary : MinGW port of the OpenSSL toolkit
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and

This package contains Windows (MinGW) libraries and development tools.

Update Information:

Update to latest openssl which fixes various CVE’s

[ 1 ] Bug #1302768 – CVE-2015-3197 mingw-openssl: OpenSSL: SSLv2 doesn’t block disabled ciphers [fedora-all]
[ 2 ] Bug #1307773 – mingw-openssl: FTBFS in rawhide
[ 3 ] Bug #1312857 – CVE-2016-0799 mingw-openssl: OpenSSL: Fix memory issues in BIO_*printf functions [fedora-all]
[ 4 ] Bug #1312861 – CVE-2016-0705 mingw-openssl: OpenSSL: Double-free in DSA code [fedora-all]
[ 5 ] Bug #1330104 – CVE-2016-2109 mingw-openssl: openssl: ASN.1 BIO handling of large amounts of data [fedora-all]
[ 6 ] Bug #1332589 – CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 mingw-openssl: various flaws [fedora-all]

This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-openssl’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2016-05-0013-ADV
CveCVE-2015-3197 CVE-2016-0799 CVE-2016-0705 CVE-2016-2109 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108
ID izvornikaFEDORA-2016-e1234b65a2
More in Preporuke
Sigurnosni nedostaci programskog paketa java-1_7_0-ibm

Otkriveni su sigurnosni nedostaci u programskom paketu java-1_7_0-ibm za operacijski sustav Suse. Ranjivosti su uzrokovane nedefiniranim greškama u podkomponentama poput...