Debian: DSA-1970-1: New openssl packages fix denial of service

    Date 13 Jan 2010
    Posted By LinuxSecurity Advisories
    It was discovered that a significant memory leak could occur in openssl, related to the reinitialization of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1970-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                           Stefan Fritsch
    January 13, 2010            
    - ------------------------------------------------------------------------
    Package        : openssl
    Vulnerability  : denial of service
    Problem type   : remote
    Debian-specific: no
    CVE Id         : CVE-2009-4355
    It was discovered that a significant memory leak could occur in openssl,
    related to the reinitialization of zlib. This could result in a remotely
    exploitable denial of service vulnerability when using the Apache httpd
    server in a configuration where mod_ssl, mod_php5, and the php5-curl
    extension are loaded.
    The old stable distribution (etch) is not affected by this issue.
    For the stable distribution (lenny), this problem has been fixed in
    version 0.9.8g-15+lenny6.
    The packages for the arm architecture are not included in this advisory.
    They will be released as soon as they become available.
    For the testing distribution (squeeze) and the unstable distribution
    (sid), this problem will be fixed soon. The issue does not seem to be
    exploitable with the apache2 package contained in squeeze/sid.
    We recommend that you upgrade your openssl packages. You also need to
    restart your Apache httpd server to make sure it uses the updated
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    If you use apache2, you should restart it to make sure that it uses the
    updated libraries:
    /etc/init.d/apache2 restart
    Debian GNU/Linux 5.0 alias lenny (stable)
    - -----------------------------------------
    Stable updates are available for alpha, amd64, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    Source archives:
        Size/MD5 checksum:  3354792 acf70a16359bf3658bdfb74bda1c4419
        Size/MD5 checksum:     1973 3240bf459cdb8947e48f2dbefe57a280
        Size/MD5 checksum:    59104 06bb67baea434b022552960e6cd0f316
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   722026 684030ca277ee132aedb6377b8d7f4e9
        Size/MD5 checksum:  1028856 7ee53ab22e9b6211e4a043dcebe8c91a
        Size/MD5 checksum:  2813580 c5623a1bc1363cdda859a7fb7821f26e
        Size/MD5 checksum:  4369342 a5c5c8e0fabeab67421ddcd3143fc14e
        Size/MD5 checksum:  2582954 e78239c77c259265884f0fc3a916c1da
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   638372 b6aefcac5fe4c7b506fd328594a7ef1e
        Size/MD5 checksum:   975718 d993a3bf5c2b714f34241d4129c5cd91
        Size/MD5 checksum:  1043198 c4d0fa66bbf6bb9a85a5c926d6d32823
        Size/MD5 checksum:  2242218 4eabde020e8cbcab26342fa0ce1c6d94
        Size/MD5 checksum:  1627524 dc09c2e462fe448ed63fe884dbc03c9c
    armel architecture (ARM EABI)
        Size/MD5 checksum:  1030998 d505cd8eb7543ca6726fdc91de4d823a
        Size/MD5 checksum:   850364 c90307d3eb1fc6b9c0a88cfe3f3ce49e
        Size/MD5 checksum:  1508384 7f7e664d2c2187df7314c16963bcbec4
        Size/MD5 checksum:  2100080 23b91062f109f6a5b8038142b96aa6ac
        Size/MD5 checksum:   540714 a27289a8f7c165c9a1d3bc1e5e47d860
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   968454 307320e4435ac4f745c4589edac24c44
        Size/MD5 checksum:  1524864 a385c063f0c7bb11d03f0b10af0ae9e2
        Size/MD5 checksum:  2269664 3b20cf2dc9939fe2e7b3f3d0a2ab8022
        Size/MD5 checksum:  1046148 7093672ffc82c1f073e7bd9b362622d6
        Size/MD5 checksum:   634496 0e4ca720c1f5f756160d5658b6876ace
    i386 architecture (Intel ia32)
        Size/MD5 checksum:  2111886 07b55073b62f613cc0866f100d7da71a
        Size/MD5 checksum:   591656 24ec3a4b4a96ddfdec5aa478eb31d0b0
        Size/MD5 checksum:  5389130 70fd24d33bd15049405591f9fc2bbcd1
        Size/MD5 checksum:  1036390 edeadbfad4cb91701d0d854a809f587d
        Size/MD5 checksum:  2975114 5e64360f2e6dd5ac7c01be5700352c3e
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:  1091724 02f18d38bd0d81ad842c0a98e717e0d6
        Size/MD5 checksum:  1282602 288f179800dc55c7a4329b11a6d8606d
        Size/MD5 checksum:   865448 1897cc56f80ba69a6436e35cab884426
        Size/MD5 checksum:  2659298 b0618ea500638424b18abc94e4116b8e
        Size/MD5 checksum:  1466720 02f43deb94f7ca8c7fc14726e0c546e2
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum:  2305674 af7113bfec7e8b0e68df37ed5f738f64
        Size/MD5 checksum:  1025046 4e292bdc8f72ed8501e5023feb8b02ca
        Size/MD5 checksum:   585108 54d6ca56986ed39dabd7f4abe9d39fea
        Size/MD5 checksum:  1624960 7917a77cac88a712d07667b3a52f512c
        Size/MD5 checksum:   899692 d91d59db784860acb0d1754e1e3ae6dc
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum:   572340 f20f86629cf0413e991ada8d8709ab6a
        Size/MD5 checksum:  2295270 291cd9b3b9716927c199e36ac99cfcdd
        Size/MD5 checksum:  1588064 7a33af46eb5c6fdf29ecd4ccc72fd57a
        Size/MD5 checksum:  1012028 2353015991c7ca5942461695029eba00
        Size/MD5 checksum:   885438 835d6a08a8d0d3dfd12969df207749b1
    powerpc architecture (PowerPC)
        Size/MD5 checksum:  1035248 957678dd206e9da5eeb00812110ac4cc
        Size/MD5 checksum:  1643378 515ead9be6696f9f7cee90acad723e8a
        Size/MD5 checksum:   656142 1c55ca2a303a068dc58b48e41106a372
        Size/MD5 checksum:  2244176 14b5fae6837849223de16552f48afd96
        Size/MD5 checksum:  1000474 d5b0c8be8037fa8eb31e128195d73777
    s390 architecture (IBM S/390)
        Size/MD5 checksum:  1602212 05dc99a65418f046330904a95c6e521d
        Size/MD5 checksum:   692806 efbc1a57f8d002259252d3279bee81d0
        Size/MD5 checksum:  1051028 5b3fb31b94c4a6bf6a8d2612a062e665
        Size/MD5 checksum:  1024346 a2189af0b6688ed65478cb88b818754b
        Size/MD5 checksum:  2231392 1066a2bce93b8eddc9a030bdf0529ced
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:  2289642 ce5da789600c428462beb658b427d781
        Size/MD5 checksum:  1044934 f75ef304db194c15ea2de34f841b5825
        Size/MD5 checksum:  2141914 cab94489e491e76c7718dd8f88f89049
        Size/MD5 checksum:   580378 2bfe10092e4cb83d8f4602a3f48ddb75
        Size/MD5 checksum:  3873244 ad31823167dbebe72337f242a2f1cb06
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"23","type":"x","order":"1","pct":95.83,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":4.17,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.