https://www.openssl.org/news/secadv_20140407.txt
See also http://heartbleed.com/ and http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/ This is potentially very serious and can cause leakage of private keys and other information. The current version of OpenSSL on Fedora (standard repos and Koji) is 1.0.1e, which has this vulnerability. An upgrade to 1.0.1g should be provided urgently. poc -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
