openssl: security update to 0.9.8w. (CVE-2012-2131).

SN1 BIO incomplete fix (CVE-2012-2131) ======================================= It was discovered that the fix for CVE-2012-2110 released on 19 Apr 2012 was not sufficient to correct the issue for OpenSSL 0.9.8. Please see http://www.openssl.org/news/secadv_20120419.txt for details of that vulnerability. This issue only affects OpenSSL 0.9.8v. OpenSSL 1.0.1a and 1.0.0i already contain a patch sufficient to correct CVE-2012-2110. Thanks to Red Hat for discovering and fixing this issue. Affected users should upgrade to 0.9.8w. References ========== URL for this Security Advisory: http://www.openssl.org/news/secadv_20120424.txt
2026-04-27 11:13:24 +02:00 · 2012-05-02 19:42:02 +02:00
parent 75c2cf6f51
commit a6f4183e83
2 changed files with 3 additions and 3 deletions
--- a/config/rootfiles/common/openssl
+++ b/config/rootfiles/common/openssl
@@ -1116,7 +1116,6 @@ usr/lib/libssl.so.0.9.8
 #usr/share/man/man3/dsa.3
 #usr/share/man/man3/ecdsa.3
 #usr/share/man/man3/engine.3
-#usr/share/man/man3/err.3
 #usr/share/man/man3/evp.3
 #usr/share/man/man3/hmac.3
 #usr/share/man/man3/i2d_ASN1_OBJECT.3
@@ -1164,6 +1163,7 @@ usr/lib/libssl.so.0.9.8
 #usr/share/man/man3/md5.3
 #usr/share/man/man3/mdc2.3
 #usr/share/man/man3/pem.3
+#usr/share/man/man3/rand.3
 #usr/share/man/man3/rc4.3
 #usr/share/man/man3/ripemd.3
 #usr/share/man/man3/rsa.3