IPFire 2.17 - Core Update 97 released
The IPFire Project
ipfire-announce at lists.ipfire.org
Fri Jan 29 18:50:12 CET 2016
This is the official release announcement for IPFire 2.17 – Core Update
97. An other OpenSSL security fix has been released, which is shipped
in this Core Update among some other security vulnerabilities. As this
is a rather urgent update, we recommend to install it as soon as
possible. We also recommend rebooting after the update has been
OpenSSL security fixes – 1.0.2f
It is possible to exploit the Diffie-Hellman key exchange (CVE-2016-
0701, )and get hold of the server’s private exponent. With that any
future connections can be decrypted. Please check out the original
security advisory for more details.
A second fix (CVE-2015-3197) in the OpenSSL library fixes the
deactivation of some SSLv2 ciphers.
An other change will strengthen SSL connections against being taken
over by a man-in-the-middle attack that tries to downgrade the length
of the Diffie-Hellman key that is being used.
An information leak (CVE-2016-0777) flaw was found in the way the
OpenSSH client roaming feature was implemented. A malicious server
could potentially use this flaw to leak portions of memory (possibly
including private SSH keys) of a successfully authenticated OpenSSH
The SSH daemon will be restarted during the update in case it is
Please help us to sustain the work on IPFire Project
with your donation .
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part
More information about the IPFire-Announce