* IPFire 2.19 - Core Update 102 released
@ 2016-05-04 19:57 The IPFire Project
0 siblings, 0 replies; only message in thread
From: The IPFire Project @ 2016-05-04 19:57 UTC (permalink / raw)
To: ipfire-announce
[-- Attachment #1: Type: text/plain, Size: 1225 bytes --]
http://www.ipfire.org/news/ipfire-2-19-core-update-102-released
This is the official release announcement for IPFire 2.19 – Core Update 102.
This update contains various security fixes in the OpenSSL library. It is
recommended to install this update as soon as possible.
OpenSSL Security Fixes
The OpenSSL team published fixes for several security issues [1] yesterday:
* Memory corruption in the ASN.1 encoder (CVE-2016-2108)
* Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
* EVP_EncodeUpdate overflow (CVE-2016-2105)
* EVP_EncryptUpdate overflow (CVE-2016-2106)
* ASN.1 BIO excessive memory allocation (CVE-2016-2109)
* EBCDIC overread (CVE-2016-2176)
This Core Update brings you OpenSSL 1.0.2h which fixes all of these above.
Additionally OpenSSH is updated to version 7.2p2 and will be restarted during
the update.
We are currently crowdfunding a Captive Portal for IPFire [2] and would like you
to ask to check it out and support us!
Please help us to support the work on IPFire Project with your donation [3].
[1] https://www.openssl.org/news/secadv/20160503.txt
[2] http://wishlist.ipfire.org/wish/the-ipfire-captive-portal
[3] http://www.ipfire.org/donate
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-05-04 19:57 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-05-04 19:57 IPFire 2.19 - Core Update 102 released The IPFire Project
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox