diff options
| author | Adrien Nader <adrien@notk.org> | 2015-01-09 20:09:50 +0100 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2015-01-09 20:09:50 +0100 |
| commit | 205c4743b095b6b946aa480fd123cf565903de99 (patch) | |
| tree | 953d5473d5d50ead5dc9c2f9f82e1d8a7646993c | |
| parent | 506c39cf96580a36cdecb054059ab37d8d3fdf65 (diff) | |
Fri Jan 9 17:47:53 UTC 2015
a/openssl-solibs-1.0.1k-x86_64-1.txz: Upgraded.
(* Security fix *)
n/openssl-1.0.1k-x86_64-1.txz: Upgraded.
This update fixes several security issues:
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Certificate fingerprints can be modified (CVE-2014-8275)
Bignum squaring may produce incorrect results (CVE-2014-3570)
For more information, see:
https://www.openssl.org/news/secadv_20150108.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570
(* Security fix *)
xap/fluxbox-1.3.6-x86_64-1.txz: Upgraded.
| -rw-r--r-- | n/openssl/openssl-1.0.1j.tar.gz.asc | 11 | ||||
| -rw-r--r-- | n/openssl/openssl-1.0.1k.tar.gz.asc | 11 | ||||
| -rw-r--r-- | n/openssl/openssl0/openssl-0.9.8zc.tar.gz.asc | 11 | ||||
| -rw-r--r-- | n/openssl/openssl0/openssl-0.9.8zd.tar.gz.asc | 11 |
4 files changed, 22 insertions, 22 deletions
diff --git a/n/openssl/openssl-1.0.1j.tar.gz.asc b/n/openssl/openssl-1.0.1j.tar.gz.asc deleted file mode 100644 index 034cd29..0000000 --- a/n/openssl/openssl-1.0.1j.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQEcBAABAgAGBQJUPm6ZAAoJENnE0m0OYESRnTMH/3C0nbnYzAn5mO+PIZUs/yJ5 -DWFKNY4nUeJDuI6V1M95qhnQVn4ae3ikCQeXXVQEMMeWf2giATGJAmt0bJsyylfE -M/q9K6/hyshJDMXNWK0BvoC/XjE5ohwZQEFHjqvcS1+ednOsuLoBPNslghA2CNTC -8+iv9+eOMcTJyraEh09jjCzn7WNaL2IMyvx1b7xtj4zvZ6chVEoqSSYM820NdqZQ -1xoClVOXn/IEkoUOG81NgzsMol7AjPM8AVeG7UGHqqKy/TGKHAiik6gpLjOpGpzv -iyU7nMzK+YhWU1UgJdXu7De0FjekTFgZgHCANdw1FmPcGpiXJsZcY+jPaYNCouQ= -=h6ga ------END PGP SIGNATURE----- diff --git a/n/openssl/openssl-1.0.1k.tar.gz.asc b/n/openssl/openssl-1.0.1k.tar.gz.asc new file mode 100644 index 0000000..27cd786 --- /dev/null +++ b/n/openssl/openssl-1.0.1k.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQEcBAABAgAGBQJUro4+AAoJENnE0m0OYESRdWQH/0h7DRno0VcesRBkHE0S8zyt +DNbIyJ2QwyhFw3yKvUcau2qP6DCAi+6Fcs/MONRI6uRAN7NWxsROBstkjIVEWLq/ +fvhF27QWGCEUB9iYIk00dOtISGpUBuB0e5goOH5Gyb89c10wPkDa5ZLpAavZxzne +BFdfXQU624nt8D4k2Can9JIme3QCr6LgxVQhbU7pmXQN+dFOv8Bza9Fnm5sfo2fP +MDZNOIJusCpu15lSyJdoKpkCFy2OaQrDw6h/VAWfHENdklbkWJtCsJIV5zL6OlWn +2+6hABhE0ErmS3ax9uhWbDW9/Z0fz6WLSRGuWOVHb1ighzOj7K4WgTdMILcINQg= +=kQEU +-----END PGP SIGNATURE----- diff --git a/n/openssl/openssl0/openssl-0.9.8zc.tar.gz.asc b/n/openssl/openssl0/openssl-0.9.8zc.tar.gz.asc deleted file mode 100644 index 528fd09..0000000 --- a/n/openssl/openssl0/openssl-0.9.8zc.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQEcBAABAgAGBQJUPm02AAoJENnE0m0OYESRGW0IALSPAfr5hpZwuktYojERPifz -uD4ZYk67tGFffAhhkV09P57m2ahPO8f+7lG1aHmKr+/OiI8PPaTd3wetF9Nt5S1n -dfptpmUPx/wFLvatD55litJtf4AmNhb5g+rvC8PSr9VaBvpudtoJVd+b22f8lCMc -YoGBkg/AeTjvA1ddSCdMFTvlcjx4Z/BL3KHZldB9aoNs68ByDzFkbe9pW4uK3k8C -Timj2HIS06HOVfEpnySk+iXMLXuEWAmlY6BsI3Ij2dTgJpAlN/vIRLb+aG9sO38W -R1BxfbMsBPVBEQFGY/iTYIe2Ohyl/UoGLHfvMD3BYE8nTuSDuda/AIJ9AcIrMZ4= -=1i6h ------END PGP SIGNATURE----- diff --git a/n/openssl/openssl0/openssl-0.9.8zd.tar.gz.asc b/n/openssl/openssl0/openssl-0.9.8zd.tar.gz.asc new file mode 100644 index 0000000..ae9dcca --- /dev/null +++ b/n/openssl/openssl0/openssl-0.9.8zd.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQEcBAABAgAGBQJUrpVNAAoJENnE0m0OYESRU8gH/1CrBXxPBd5xdixxZfp5g3F1 +6VPUHcnBk/Q8jFeD8LGfsdZ4vAQhsg6hLdCSyNSNbkLOw86ec/lKhMzgnnWGtSXW +N7Pr93PU6mSVd/kEBg0m3JQNNyQbHPT0pkIDgJ2pyofx9ulIGhzGQhOZ5MY69du1 +NKrMGqufwH6K9KZpONnZCp9I3PSWPKDj67M04mmvdHlmrXTXqy6ErtayS57G5+it +YFc1SfFWFz+I/RI470Yw/GI2lklbouxG7XvADLXAqXBw2b8I3HYGag0MVNmRnwpG +D6rjYX2k1Z2X8mghiWTn35YYCmy1qpdZ9YCDrRBhcRiFsLEZ+V+6djo0wXMKXfM= +=wrb0 +-----END PGP SIGNATURE----- |