OpenSSL 0.9.8
Dave Jones
davej at redhat.com
Tue Sep 12 03:08:12 UTC 2006
On Mon, Sep 11, 2006 at 07:06:38PM -0700, Kenny Simpson wrote:
> With all updates applied, I only get version 0.9.8b, but 0.9.8c (a secutiry-related release) has
> been out for almost a week now:
> http://www.openssl.org/news/secadv_20060905.txt
(22:59:53:davej at nwo:~)$ rpm -q --changelog openssl | head -n2
* Sat Sep 09 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-6
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)
The fix has been backported. FC5 is fixed similarly (though in 0.9.8a there)
Dave
More information about the fedora-test-list
mailing list