ChangeLog for: 2015-01-09 18:47:53

a/openssl-solibs-1.0.1k-x86_64-1.txz:  Upgraded.
  (* Security fix *)
n/openssl-1.0.1k-x86_64-1.txz:  Upgraded.
  This update fixes several security issues:
    DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
    DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
    no-ssl3 configuration sets method to NULL (CVE-2014-3569)
    ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
    RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
    DH client certificates accepted without verification [Server] (CVE-2015-0205)
    Certificate fingerprints can be modified (CVE-2014-8275)
    Bignum squaring may produce incorrect results (CVE-2014-3570)
  For more information, see:
    https://www.openssl.org/news/secadv_20150108.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570
  (* Security fix *)
xap/fluxbox-1.3.6-x86_64-1.txz:  Upgraded.