+++ This bug was initially created as a clone of Bug #773330 +++ --- Additional comment from thoger on 2012-08-08 03:49:41 EDT --- mingw*-openssl packages in fedora still on 1.0.0d, while the issues were fixed upstream in 1.0.0f. No backported patches it seems.
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Fedora 19 carries openssl 1.0.1e which should already have fixes for these CVE issues