Linux News Today: IPFire 2.19 Core Update 102 Linux Firewall OS Lands More OpenSSL Security Fixes
Yesterday we reported news on the release of the IPFire 2.19 Core Update 102 Linux kernel-based firewall distribution, which brought many security patches and improvements, along with updated components.
Today, May 5, 2016, we’re informing our readers about the immediate availability of IPFire 2.19 Core Update 102, a small maintenance build to the stable IPFire 2.19 distribution that updates the OpenSSL package to version 1.0.2h, fixing a total of six vulnerabilities discovered upstream.
“This update contains various security fixes in the OpenSSL library. It is recommended to install this update as soon as possible,” said Michael Tremer in the announcement. “This Core Update brings you OpenSSL 1.0.2h which fixes all of these above. Additionally, OpenSSH is updated to version 7.2p2 and will be restarted during the update.”
OpenSSL 1.0.2h brings security fixes
Among the security fixes brought by the recently announced OpenSSL 1.0.2h update, we can mention a memory corruption in the ASN.1 encoder, EVP_EncodeUpdate and EVP_EncryptUpdate overflows, ASN.1 BIO excessive memory allocation, EBCDIC overread, and padding oracle in AES-NI CBC MAC check.
Also new in today’s update of IPFire 2.19 is the latest OpenSSH 7.2p2 open source SSH1 and SSH2 implementation for GNU/Linux and BSD operating systems. Please note that after you apply the Core Update 102 on your IPFire 2.19 installation the OpenSSH service will be automatically restarted.
IPFire 2.19 Core Update 102 is a small but pretty important update to the Linux kernel-based firewall distribution, so the project’s maintainers are urging all users to update from IPFire 2.19 Core Update 101 or a previous version as soon as possible. On the other hand, newcomers can grab IPFire 2.19 Core Update 102 right now via our website.