Resolved Bugs
1153814 – yum cannot access repositories using TLS 1.2
1166567 – curl: Disable out-of-protocol fallback to SSL 3.0
1166239 – Please include “low-speed-limit: avoid timeout flood” patch into fedora curl package
1154941 – CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS<br
– allow to use TLS 1.1 and TLS 1.2 (#1153814)
– disable libcurl-level downgrade to SSLv3 (#1166567)
– low-speed-limit: avoid timeout flood (#1166239)
– fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)