--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-2530
2007-10-18 02:26:13.687164
--------------------------------------------------------------------------------Name        : openssl
Product     : Fedora 7
Version     : 0.9.8b
Release     : 15.fc7
URL         : https://www.openssl.org:443/
Summary     : The OpenSSL toolkit
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

--------------------------------------------------------------------------------Update Information:

This is important security update.

--------------------------------------------------------------------------------ChangeLog:

* Fri Oct 12 2007 Tomas Mraz  0.9.8b-15
- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)
* Fri Aug  3 2007 Tomas Mraz  0.9.8b-14
- use localhost in testsuite, hopefully fixes slow build in koji
- CVE-2007-3108 - fix side channel attack on private keys (#250577)
- make ssl session cache id matching strict (#233599)
* Wed Jul 25 2007 Tomas Mraz  0.9.8b-13
- allow building on ARM architectures (#245417)
- use reference timestamps to prevent multilib conflicts (#218064)
- -devel package must require pkgconfig (#241031)
--------------------------------------------------------------------------------References:

  [ 1 ] CVE-2007-4995
          [ 2 ] CVE-2007-5135
        --------------------------------------------------------------------------------Updated packages:

c37df9f93cb60be5979b3f298ea3ae9814af232a openssl-0.9.8b-15.fc7.i686.rpm
872818ef2e57fa32d5c1d54a2d47bf2126c6fe63 openssl-debuginfo-0.9.8b-15.fc7.i686.rpm
a75fdd97bbeaf8ace8b96e83ed16e62a4a2e18b8 openssl-perl-0.9.8b-15.fc7.ppc64.rpm
6b43364c50ce7d644d63bbf6a6be68099b1d0176 openssl-0.9.8b-15.fc7.ppc64.rpm
5620e969c6536cdb68e1f5f44c860549b54b779b openssl-devel-0.9.8b-15.fc7.ppc64.rpm
20135cbd53849dd3ee073b550d84be21a1e0bed0 openssl-debuginfo-0.9.8b-15.fc7.ppc64.rpm
56db1f0bdff4a5ca1adc17999109363516ce4328 openssl-debuginfo-0.9.8b-15.fc7.i386.rpm
deb4791d48a17f547d167f7148c7b63e17afb55f openssl-devel-0.9.8b-15.fc7.i386.rpm
078a081396b3df338a07a5afc6e0e2f48123121b openssl-perl-0.9.8b-15.fc7.i386.rpm
00723bb077e41db70a379ba0f61a3f69a22a45d1 openssl-0.9.8b-15.fc7.i386.rpm
28964ed870499621571216e1b7ab1dee7ede7db4 openssl-perl-0.9.8b-15.fc7.x86_64.rpm
69f4c1496ffd3dd2be0e33249916039fbfa99dd6 openssl-0.9.8b-15.fc7.x86_64.rpm
8409e1077ca142d07c642af25f2bb090ea65561d openssl-devel-0.9.8b-15.fc7.x86_64.rpm
3d99d176e08a94e94d92516edee9d986f0a17bca openssl-debuginfo-0.9.8b-15.fc7.x86_64.rpm
024f3b18eb38869b94fadc83f9e1df8c52eaab54 openssl-devel-0.9.8b-15.fc7.ppc.rpm
afec7510de2b5b2bdec29508e38c2b48a10e9b81 openssl-debuginfo-0.9.8b-15.fc7.ppc.rpm
f9a7ada4fc87e54b86431aab03c8defb3c250bda openssl-perl-0.9.8b-15.fc7.ppc.rpm
6afadb49f1c65586b59af8010ee73a2d08f7776e openssl-0.9.8b-15.fc7.ppc.rpm
13f6e045792d030418081bae3b1c2606c6975b05 openssl-0.9.8b-15.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update openssl' 
at the command line.  For more information, refer to "Managing Software
with yum", available at .
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 7 Update: openssl-0.9.8b-15.fc7

October 17, 2007
This is important security update: fix an off-by-one in SSL_get_shared_ciphers and fix out of order DTLS fragments buffer overflow.

Summary

The OpenSSL toolkit provides support for secure communications between

machines. OpenSSL includes a certificate management tool and shared

libraries which provide various cryptographic algorithms and

protocols.

This is important security update.

* Fri Oct 12 2007 Tomas Mraz 0.9.8b-15

- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)

- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)

* Fri Aug 3 2007 Tomas Mraz 0.9.8b-14

- use localhost in testsuite, hopefully fixes slow build in koji

- CVE-2007-3108 - fix side channel attack on private keys (#250577)

- make ssl session cache id matching strict (#233599)

* Wed Jul 25 2007 Tomas Mraz 0.9.8b-13

- allow building on ARM architectures (#245417)

- use reference timestamps to prevent multilib conflicts (#218064)

- -devel package must require pkgconfig (#241031)

[ 1 ] CVE-2007-4995

[ 2 ] CVE-2007-5135

c37df9f93cb60be5979b3f298ea3ae9814af232a openssl-0.9.8b-15.fc7.i686.rpm

872818ef2e57fa32d5c1d54a2d47bf2126c6fe63 openssl-debuginfo-0.9.8b-15.fc7.i686.rpm

a75fdd97bbeaf8ace8b96e83ed16e62a4a2e18b8 openssl-perl-0.9.8b-15.fc7.ppc64.rpm

6b43364c50ce7d644d63bbf6a6be68099b1d0176 openssl-0.9.8b-15.fc7.ppc64.rpm

5620e969c6536cdb68e1f5f44c860549b54b779b openssl-devel-0.9.8b-15.fc7.ppc64.rpm

20135cbd53849dd3ee073b550d84be21a1e0bed0 openssl-debuginfo-0.9.8b-15.fc7.ppc64.rpm

56db1f0bdff4a5ca1adc17999109363516ce4328 openssl-debuginfo-0.9.8b-15.fc7.i386.rpm

deb4791d48a17f547d167f7148c7b63e17afb55f openssl-devel-0.9.8b-15.fc7.i386.rpm

078a081396b3df338a07a5afc6e0e2f48123121b openssl-perl-0.9.8b-15.fc7.i386.rpm

00723bb077e41db70a379ba0f61a3f69a22a45d1 openssl-0.9.8b-15.fc7.i386.rpm

28964ed870499621571216e1b7ab1dee7ede7db4 openssl-perl-0.9.8b-15.fc7.x86_64.rpm

69f4c1496ffd3dd2be0e33249916039fbfa99dd6 openssl-0.9.8b-15.fc7.x86_64.rpm

8409e1077ca142d07c642af25f2bb090ea65561d openssl-devel-0.9.8b-15.fc7.x86_64.rpm

3d99d176e08a94e94d92516edee9d986f0a17bca openssl-debuginfo-0.9.8b-15.fc7.x86_64.rpm

024f3b18eb38869b94fadc83f9e1df8c52eaab54 openssl-devel-0.9.8b-15.fc7.ppc.rpm

afec7510de2b5b2bdec29508e38c2b48a10e9b81 openssl-debuginfo-0.9.8b-15.fc7.ppc.rpm

f9a7ada4fc87e54b86431aab03c8defb3c250bda openssl-perl-0.9.8b-15.fc7.ppc.rpm

6afadb49f1c65586b59af8010ee73a2d08f7776e openssl-0.9.8b-15.fc7.ppc.rpm

13f6e045792d030418081bae3b1c2606c6975b05 openssl-0.9.8b-15.fc7.src.rpm

This update can be installed with the "yum" update program. Use

su -c 'yum update openssl'

at the command line. For more information, refer to "Managing Software

with yum", available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-2530 2007-10-18 02:26:13.687164 Product : Fedora 7 Version : 0.9.8b Release : 15.fc7 URL : https://www.openssl.org:443/ Summary : The OpenSSL toolkit Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This is important security update. * Fri Oct 12 2007 Tomas Mraz 0.9.8b-15 - fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801) - fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191) * Fri Aug 3 2007 Tomas Mraz 0.9.8b-14 - use localhost in testsuite, hopefully fixes slow build in koji - CVE-2007-3108 - fix side channel attack on private keys (#250577) - make ssl session cache id matching strict (#233599) * Wed Jul 25 2007 Tomas Mraz 0.9.8b-13 - allow building on ARM architectures (#245417) - use reference timestamps to prevent multilib conflicts (#218064) - -devel package must require pkgconfig (#241031) [ 1 ] CVE-2007-4995 [ 2 ] CVE-2007-5135 c37df9f93cb60be5979b3f298ea3ae9814af232a openssl-0.9.8b-15.fc7.i686.rpm 872818ef2e57fa32d5c1d54a2d47bf2126c6fe63 openssl-debuginfo-0.9.8b-15.fc7.i686.rpm a75fdd97bbeaf8ace8b96e83ed16e62a4a2e18b8 openssl-perl-0.9.8b-15.fc7.ppc64.rpm 6b43364c50ce7d644d63bbf6a6be68099b1d0176 openssl-0.9.8b-15.fc7.ppc64.rpm 5620e969c6536cdb68e1f5f44c860549b54b779b openssl-devel-0.9.8b-15.fc7.ppc64.rpm 20135cbd53849dd3ee073b550d84be21a1e0bed0 openssl-debuginfo-0.9.8b-15.fc7.ppc64.rpm 56db1f0bdff4a5ca1adc17999109363516ce4328 openssl-debuginfo-0.9.8b-15.fc7.i386.rpm deb4791d48a17f547d167f7148c7b63e17afb55f openssl-devel-0.9.8b-15.fc7.i386.rpm 078a081396b3df338a07a5afc6e0e2f48123121b openssl-perl-0.9.8b-15.fc7.i386.rpm 00723bb077e41db70a379ba0f61a3f69a22a45d1 openssl-0.9.8b-15.fc7.i386.rpm 28964ed870499621571216e1b7ab1dee7ede7db4 openssl-perl-0.9.8b-15.fc7.x86_64.rpm 69f4c1496ffd3dd2be0e33249916039fbfa99dd6 openssl-0.9.8b-15.fc7.x86_64.rpm 8409e1077ca142d07c642af25f2bb090ea65561d openssl-devel-0.9.8b-15.fc7.x86_64.rpm 3d99d176e08a94e94d92516edee9d986f0a17bca openssl-debuginfo-0.9.8b-15.fc7.x86_64.rpm 024f3b18eb38869b94fadc83f9e1df8c52eaab54 openssl-devel-0.9.8b-15.fc7.ppc.rpm afec7510de2b5b2bdec29508e38c2b48a10e9b81 openssl-debuginfo-0.9.8b-15.fc7.ppc.rpm f9a7ada4fc87e54b86431aab03c8defb3c250bda openssl-perl-0.9.8b-15.fc7.ppc.rpm 6afadb49f1c65586b59af8010ee73a2d08f7776e openssl-0.9.8b-15.fc7.ppc.rpm 13f6e045792d030418081bae3b1c2606c6975b05 openssl-0.9.8b-15.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update openssl' at the command line. For more information, refer to "Managing Software with yum", available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 7
Version : 0.9.8b
Release : 15.fc7
URL : https://www.openssl.org:443/
Summary : The OpenSSL toolkit

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved