Bug 846586

Summary: CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 mingw-openssl various flaws [fedora-all]
Product: [Fedora] Fedora Reporter: Tomas Hoger <thoger>
Component: mingw-opensslAssignee: Richard W.M. Jones <rjones>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 19CC: erik-fedora, kalevlember, ktietz, lfarkas, rjones
Target Milestone: ---Keywords: Security, SecurityTracking
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Release Note
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-25 21:34:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 771770, 771775, 771778, 771780    

Description Tomas Hoger 2012-08-08 07:51:03 UTC 
+++ This bug was initially created as a clone of Bug #773330 +++


--- Additional comment from thoger on 2012-08-08 03:49:41 EDT ---

mingw*-openssl packages in fedora still on 1.0.0d, while the issues were fixed upstream in 1.0.0f.  No backported patches it seems.
Comment 1 Fedora End Of Life 2013-04-03 18:21:41 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Comment 2 Erik van Pienbroek 2014-01-25 21:34:31 UTC 
Fedora 19 carries openssl 1.0.1e which should already have fixes for these CVE issues