A security issue fixed in openssl's git was posted to oss-security: http://www.openwall.com/lists/oss-security/2016/06/08/2 It was fixed with these commits: https://git.openssl.org/?p=openssl.git;a=commit;h=621eaf49a289bfac26d4cbcdb7396e796784c534 https://git.openssl.org/?p=openssl.git;a=commit;h=b7d0f2834e139a20560d64c73e2565e93715ce2b I also noticed another CVE referenced with this earlier commit: https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 I suppose another upstream release should be on the way before too long.
Whiteboard: (none) => MGA5TOO
Assinging to all packagers collectively, since there is no maintainer for this package
CC: (none) => marja11Assignee: bugsquad => pkg-bugs
oss-security post with more explanation about the other CVE: http://openwall.com/lists/oss-security/2016/06/08/9
These issues are being handled in Bug 19446. *** This bug has been marked as a duplicate of bug 19446 ***
Status: NEW => RESOLVEDResolution: (none) => DUPLICATE