| |||||||||||||||||||
Slackware alert SSA:2009-098-01 (openssl)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssl (SSA:2009-098-01) New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/openssl-0.9.8h-i486-3_slack12.0.tgz: Patched (see below). patches/packages/openssl-solibs-0.9.8h-i486-3_slack12.0.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patc... openssl-solibs-0.9.8h-i486-3_slack11.0.tgz Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patc... openssl-solibs-0.9.8h-i486-3_slack12.0.tgz Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patc... openssl-solibs-0.9.8h-i486-3_slack12.1.tgz Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patc... openssl-solibs-0.9.8i-i486-3_slack12.2.tgz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/s... n/openssl-0.9.8k-i486-1.tgz MD5 signatures: +-------------+ Slackware 11.0 packages: e44ec3cba02b75d0a9a2eaa3497cacdd openssl-0.9.8h-i486-3_slack11.0.tgz 58d2055da525dbce5b311c2b40fad7dc openssl-solibs-0.9.8h-i486-3_slack11.0.tgz Slackware 12.0 packages: 5784077250604b326baa2a34f6ead905 openssl-0.9.8h-i486-3_slack12.0.tgz 60b6ed4db2f76634abeab1a99b90cd87 openssl-solibs-0.9.8h-i486-3_slack12.0.tgz Slackware 12.1 packages: c83b32d650ade46c3fd162c11fa749fb openssl-0.9.8h-i486-3_slack12.1.tgz abda6caa9130093004dd87e093d4a93f openssl-solibs-0.9.8h-i486-3_slack12.1.tgz Slackware 12.2 packages: c910652909f75aa654dfb2835e474edf openssl-0.9.8i-i486-3_slack12.2.tgz 1acff931e71bddeed83a7ee4726286fa openssl-solibs-0.9.8i-i486-3_slack12.2.tgz Slackware -current packages: b90377904539671507c04168172c4c6c openssl-solibs-0.9.8k-i486-1.tgz a43244be109e42168f251f04cef10dd6 openssl-0.9.8k-i486-1.tgz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-0.9.8i-i486-3_slack12.2.tgz openssl-solibs-0.9.8i-i486-3_slack12.2.tgz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkncPn0ACgkQakRjwEAQIjPlUQCbB10euIPIV963mRXpE8336jKh zUYAn1gtnW4Ferdk2gDsZcS64YlTw8hf =SdTc -----END PGP SIGNATURE----- (Log in to post comments)
|
|||||||||||||||||||