OpenSSL 1.0.1 was updated to fix several security issues:
* CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed
by rejecting connections with DH parameters shorter than 1024 bits.
2048-bit DH parameters are now generated by default.
* CVE-2015-1788: Malformed ECParameters could cause an infinite loop.
* CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.
* CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent
was fixed.
* CVE-2015-1792: A CMS verification infinite loop when using an
unknown hash function was fixed.
* CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.
* CVE-2014-8176: Fixed an invalid free in DTLS.
* Fixed a timing side channel in RSA decryption. (bsc#929678)
Security Issues:
* CVE-2014-8176
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176</a>>
* CVE-2015-1788
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788</a>>
* CVE-2015-1789
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789</a>>
* CVE-2015-1790
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790</a>>
* CVE-2015-1791
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791</a>>
* CVE-2015-1792
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792</a>>
* CVE-2015-4000
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000</a>>