Bug 846586 - CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 mingw-openssl various flaws [fedora-all]
Summary: CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 mingw-openssl various...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: mingw-openssl
Version: 19
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Richard W.M. Jones
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619
TreeView+ depends on / blocked
 
Reported: 2012-08-08 07:51 UTC by Tomas Hoger
Modified: 2014-01-25 21:34 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Release Note
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-01-25 21:34:31 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Tomas Hoger 2012-08-08 07:51:03 UTC 
+++ This bug was initially created as a clone of Bug #773330 +++


--- Additional comment from thoger on 2012-08-08 03:49:41 EDT ---

mingw*-openssl packages in fedora still on 1.0.0d, while the issues were fixed upstream in 1.0.0f.  No backported patches it seems.
Comment 1 Fedora End Of Life 2013-04-03 18:21:41 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Comment 2 Erik van Pienbroek 2014-01-25 21:34:31 UTC 
Fedora 19 carries openssl 1.0.1e which should already have fixes for these CVE issues
Note You need to log in before you can comment on or make changes to this bug.