sledp3-openssl

Security update for OpenSSL

Specially crafted responses from SSL servers could cause a double-free bug in openssl's client implementation. Malicious servers could exploit that to crash programs use openssl for the SSL connection (CVE-2010-2939). This has been fixed. Security Issue reference: * CVE-2010-2939 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939> security openssl i586 91ac7eb281b509c80276af241f202258eea9db41 openssl-devel i586 c289788b293ebd4e421c61e7568ec08bc1df3785