openssl was updated to 1.0.1k to fix various security
issues and bugs.
More information can be found in the openssl advisory:
http://openssl.org/news/secadv_20150108.txt
Following issues were fixed:
* CVE-2014-3570 (bsc#912296): Bignum squaring (BN_sqr) may have produced incorrect results on some platforms, including x86_64.
* CVE-2014-3571 (bsc#912294): Fixed crash in dtls1_get_record whilst in the listen state where you get two separate reads performed - one for the header and one for the body of the handshake record.
* CVE-2014-3572 (bsc#912015): Don't accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted.
* CVE-2014-8275 (bsc#912018): Fixed various certificate fingerprint issues.
* CVE-2015-0204 (bsc#912014): Only allow ephemeral RSA keys in export ciphersuites
* CVE-2015-0205 (bsc#912293): A fixwas added to prevent use of DH client certificates without sending certificate verify message.
* CVE-2015-0206 (bsc#912292): A memory leak was fixed in dtls1_buffer_record.
- Submitted by Cristian Rodríguez (elvigia)