Red Hat Bugzilla – Bug 588181
Provide an installable update with safe SSL renegotiation (RFC 5746) support
Last modified: 2010-05-25 14:41:52 EDT
Description of problem: The current version of openssl in Fedora 12 still does not have full RFC 5746 support (the server seems not to honor the SCSV sent by Firefox). An update with full support was built, but it cannot be installed due to a multilib conflict: https://admin.fedoraproject.org/updates/openssl-1.0.0-1.fc12 The underlying problem (bug 578842) has been fixed in rawhide but not in F13 or F12: https://cvs.fedoraproject.org/viewvc/rpms/openssl/devel/openssl-1.0.0-timezone.patch?revision=1.1&view=markup Please provide an installable update for F12, either by applying the fix or just resubmitting the build request until it gets lucky. Version-Release number of selected component (if applicable): openssl-1.0.0-0.13.beta4.fc12 How reproducible: Always Steps to Reproduce, etc: Same as bug 579311.
openssl-1.0.0-4.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/openssl-1.0.0-4.fc12
openssl-1.0.0-4.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update openssl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/openssl-1.0.0-4.fc12
openssl-1.0.0-4.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.