OpenSSL was updated to fix several security issues:
* CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by
rejecting connections with DH parameters shorter than 1024 bits.
2048-bit DH parameters are now generated by default.
* CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.
* CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent
was fixed.
* Fixed a timing side channel in RSA decryption. (bsc#929678)
Additional changes:
* In the default SSL cipher string EXPORT ciphers are now disabled.
This will only get active if applications get rebuilt and actually
use this string. (bsc#931698)
Security Issues:
* CVE-2015-1789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789>
* CVE-2015-1790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790>
* CVE-2015-4000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000>