2015年4月4日 星期六

rpm 套件管理

 查更新記錄
rpm -qa --changelog openssl | head -n11
* 2015  3月 19 四 Tomáš Mráz 1.0.1e-42.4
- update fix for CVE-2015-0287 to what was released upstream

* 2015  3月 18 三 Tomáš Mráz 1.0.1e-42.3
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

查詢openssl 是否對CVE-2014-0224有做修正
rpm -q --changelog openssl | grep CVE-2014-0224

- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
 

沒有留言:

張貼留言