openssl: security update to 1.0.2f
| Message ID | 1453996171-31510-1-git-send-email-michael.tremer@ipfire.org |
|---|---|
| State | Accepted |
| Commit | a6c71642778020a832bb5da67db8ebd004d85bad |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.tremer.info [172.28.1.200]) by septima.ipfire.org (Postfix) with ESMTP id C0781626F5 for <patchwork@ipfire.org>; Thu, 28 Jan 2016 16:49:52 +0100 (CET) Received: from hedwig.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 9770C9E7; Thu, 28 Jan 2016 16:49:52 +0100 (CET) Received: from rice-oxley.tremer.co.uk (unknown [83.216.152.244]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id C8E94D5; Thu, 28 Jan 2016 16:49:50 +0100 (CET) From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] openssl: security update to 1.0.2f Date: Thu, 28 Jan 2016 15:49:31 +0000 Message-Id: <1453996171-31510-1-git-send-email-michael.tremer@ipfire.org> X-Mailer: git-send-email 2.4.3 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Cc: Arne Fitzenreiter <arne_f@ipfire.org> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Michael Tremer
Jan. 29, 2016, 2:49 a.m. UTC
From: Arne Fitzenreiter <arne_f@ipfire.org> changes: * DH small subgroups - CVE-2016-0701 * SSLv2 doesn't block disabled ciphers - CVE-2015-3197 * Reject DH handshakes with parameters shorter than 1024 bits Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> --- lfs/openssl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)