SciLinux: CVE-2009-3245 Important: openssl096b SL3.x, SL4.x i386/x86_64
Summary
It was discovered that OpenSSL did not always check the return value ofthe bn_wexpand() function. An attacker able to trigger a memoryallocation failure in that function could cause an application using theOpenSSL library to crash or, possibly, execute arbitrary code.(CVE-2009-3245)For the update to take effect, all programs using the openssl096blibrary must be restarted.SL 3.0.xSRPMS:openssl096b-0.9.6b-16.50.src.rpmi386:openssl096b-0.9.6b-16.50.i386.rpmx86_64:openssl096b-0.9.6b-16.50.i386.rpmopenssl096b-0.9.6b-16.50.x86_64.rpm