Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Red Hat: RHSA-2022:112-45 Urgent: OpenSSL Security Vulnerability

red hat
Calendar Grey July 18, 2001
Dist Redhat Esm H88
Debian announces updates to its Cryptography modules, targeting critical weaknesses in digital signature algorithms, especially concerning issues with key generation.
Multiple vulnerabilities including a flaw in the pseudo-random unber generation exist in previous versions of OpenSSL.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For all RPMs downloaded for your particular architecture, run:

rpm -Uvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Because of dependencies, the packages must be installed as a group.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

37730 - OpenSSL-0.9.6a has security fixes 24079 - openssl in updates area built for wrong arch

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:


alpha:





i386:





sparc:





Red Hat Linux 7.0:

SRPMS:



alpha:






i386:






Red Hat Linux 7.1:

SRPMS:




alpha:







i386:







7. Verification:

MD5 sum Package Name ae3822c64b58a9a9b2c99a716a810481 6.2/en/os/SRPMS/openssl-0.9.5a-7.6.x.src.rpm ecd930fad4bb9782b5b2195701b6b141 6.2/en/os/alpha/openssl-0.9.5a-7.6.x.alpha.rpm e48e4dd6801c79092c4cc8e035a40bc9 6.2/en/os/alpha/openssl-devel-0.9.5a-7.6.x.alpha.rpm ab7e2edc9e9ebfdf101f0a9e5c705ceb 6.2/en/os/alpha/openssl-perl-0.9.5a-7.6.x.alpha.rpm 156419e44b70f606f6fa93092550bf08 6.2/en/os/alpha/openssl-python-0.9.5a-7.6.x.alpha.rpm ec66fd4f28e20f218b4b184ac8a48b84 6.2/en/os/i386/openssl-0.9.5a-7.6.x.i386.rpm 984e58a1f2fd6a13cda5142fa7282a6e 6.2/en/os/i386/openssl-devel-0.9.5a-7.6.x.i386.rpm fe3f2d7f171c31f79da93d96340d6e06 6.2/en/os/i386/openssl-perl-0.9.5a-7.6.x.i386.rpm b417a574742ff88c6b805c413c55cf3e 6.2/en/os/i386/openssl-python-0.9.5a-7.6.x.i386.rpm 2982432f5079dff2252c1da6fa9743e2 6.2/en/os/sparc/openssl-0.9.5a-7.6.x.sparc.rpm 561d6da5e2d7d3716562b080b62eb5d7 6.2/en/os/sparc/openssl-devel-0.9.5a-7.6.x.sparc.rpm 5a7841be3320289332ed40750068e89c 6.2/en/os/sparc/openssl-perl-0.9.5a-7.6.x.sparc.rpm 225711edc674bf2b211190021190d8c9 6.2/en/os/sparc/openssl-python-0.9.5a-7.6.x.sparc.rpm bdc921206bdcf76248db79df91d267cb 7.0/en/os/SRPMS/openssl-0.9.6-9.src.rpm d197f8d718faeb6e3ec5565cd8010656 7.0/en/os/SRPMS/openssl095a-0.9.5a-9.src.rpm ed07fa3c26966900a39241c4ca04ec9d 7.0/en/os/alpha/openssl-0.9.6-9.alpha.rpm a8cfeb422c1f8a99c57ab5e31180c70c 7.0/en/os/alpha/openssl-devel-0.9.6-9.alpha.rpm a66469cfb642bfac79faba96df25f830 7.0/en/os/alpha/openssl-perl-0.9.6-9.alpha.rpm f4be46246227f4012793da5d5bb4d6ed 7.0/en/os/alpha/openssl-python-0.9.6-9.alpha.rpm 17779cc51b5464fc78dcd07cf58064ca 7.0/en/os/alpha/openssl095a-0.9.5a-9.alpha.rpm a0a91187159d23e9efa2a8b4e80595a6 7.0/en/os/i386/openssl-0.9.6-9.i386.rpm b01adfae1485fd3bfc0da259e25f62d8 7.0/en/os/i386/openssl-devel-0.9.6-9.i386.rpm 82487ca3e5cb8161b2a7be07fcbdd3a4 7.0/en/os/i386/openssl-perl-0.9.6-9.i386.rpm d853627c2521c8184b1216b643e7f7f8 7.0/en/os/i386/openssl-python-0.9.6-9.i386.rpm 4c59d4f6bc52fd7985ae2e499ddb8a6f 7.0/en/os/i386/openssl095a-0.9.5a-9.i386.rpm 9719bf4aa5048825c132c29eb58de3b0 7.1/en/os/SRPMS/nss_ldap-149-4.src.rpm bdc921206bdcf76248db79df91d267cb 7.1/en/os/SRPMS/openssl-0.9.6-9.src.rpm d197f8d718faeb6e3ec5565cd8010656 7.1/en/os/SRPMS/openssl095a-0.9.5a-9.src.rpm 4201cbfc441517570d0c2bd332ce1701 7.1/en/os/alpha/nss_ldap-149-4.alpha.rpm ed07fa3c26966900a39241c4ca04ec9d 7.1/en/os/alpha/openssl-0.9.6-9.alpha.rpm a8cfeb422c1f8a99c57ab5e31180c70c 7.1/en/os/alpha/openssl-devel-0.9.6-9.alpha.rpm a66469cfb642bfac79faba96df25f830 7.1/en/os/alpha/openssl-perl-0.9.6-9.alpha.rpm f4be46246227f4012793da5d5bb4d6ed 7.1/en/os/alpha/openssl-python-0.9.6-9.alpha.rpm 17779cc51b5464fc78dcd07cf58064ca 7.1/en/os/alpha/openssl095a-0.9.5a-9.alpha.rpm 69cc5ae8f7a386ec05a6a35efdebe5db 7.1/en/os/i386/nss_ldap-149-4.i386.rpm a0a91187159d23e9efa2a8b4e80595a6 7.1/en/os/i386/openssl-0.9.6-9.i386.rpm b01adfae1485fd3bfc0da259e25f62d8 7.1/en/os/i386/openssl-devel-0.9.6-9.i386.rpm 82487ca3e5cb8161b2a7be07fcbdd3a4 7.1/en/os/i386/openssl-perl-0.9.6-9.i386.rpm d853627c2521c8184b1216b643e7f7f8 7.1/en/os/i386/openssl-python-0.9.6-9.i386.rpm 4c59d4f6bc52fd7985ae2e499ddb8a6f 7.1/en/os/i386/openssl095a-0.9.5a-9.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:


You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

http://marc.theaimsgroup.com/?l=openssl-announce&m=98655255404174&w=2 stanford openssl Copyright(c) 2000, 2001 Red Hat, Inc. `

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2001:051-18
Issue date: 2001-04-17
Updated on: 2001-07-18
Product: Red Hat Linux
Keywords: openssl 0.9.6a 0.9.6b bleichenbacher premaster crt setugid prng
Cross references:
Obsoletes: RHEA-2000:085

Topic

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.