Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Wed, 26 Oct 2011 08:54:17 -0500 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: FASTBUGS for SL 5x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: cvs-1.11.22-9.el5.i386.rpm cvs-inetd-1.11.22-9.el5.i386.rpm pdksh-5.2.14-37.el5.i386.rpm x86_64: cvs-1.11.22-9.el5.x86_64.rpm cvs-inetd-1.11.22-9.el5.x86_64.rpm pdksh-5.2.14-37.el5.x86_64.rpm Date: Wed, 26 Oct 2011 08:54:38 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: dmidecode-2.11-2.el6_1.i686.rpm kexec-tools-2.0.0-188.el6_1.2.i686.rpm lldpad-0.9.41-4.el6_1.5.i686.rpm lldpad-devel-0.9.41-4.el6_1.5.i686.rpm nfs-utils-1.2.3-7.el6_1.1.i686.rpm opencryptoki-2.3.3-2.el6_1.1.i686.rpm opencryptoki-devel-2.3.3-2.el6_1.1.i686.rpm opencryptoki-libs-2.3.3-2.el6_1.1.i686.rpm qpid-cpp-client-0.10-8.el6_1.i686.rpm qpid-cpp-client-devel-0.10-8.el6_1.i686.rpm qpid-cpp-client-devel-docs-0.10-8.el6_1.noarch.rpm qpid-cpp-client-rdma-0.10-8.el6_1.i686.rpm qpid-cpp-client-ssl-0.10-8.el6_1.i686.rpm qpid-cpp-server-0.10-8.el6_1.i686.rpm qpid-cpp-server-cluster-0.10-8.el6_1.i686.rpm qpid-cpp-server-devel-0.10-8.el6_1.i686.rpm qpid-cpp-server-rdma-0.10-8.el6_1.i686.rpm qpid-cpp-server-ssl-0.10-8.el6_1.i686.rpm qpid-cpp-server-store-0.10-8.el6_1.i686.rpm qpid-cpp-server-xml-0.10-8.el6_1.i686.rpm rh-qpid-cpp-tests-0.10-8.el6_1.i686.rpm x86_64: dmidecode-2.11-2.el6_1.x86_64.rpm kexec-tools-2.0.0-188.el6_1.2.x86_64.rpm lldpad-0.9.41-4.el6_1.5.x86_64.rpm lldpad-devel-0.9.41-4.el6_1.5.i686.rpm lldpad-devel-0.9.41-4.el6_1.5.x86_64.rpm nfs-utils-1.2.3-7.el6_1.1.x86_64.rpm opencryptoki-2.3.3-2.el6_1.1.x86_64.rpm opencryptoki-devel-2.3.3-2.el6_1.1.i686.rpm opencryptoki-devel-2.3.3-2.el6_1.1.x86_64.rpm opencryptoki-libs-2.3.3-2.el6_1.1.i686.rpm opencryptoki-libs-2.3.3-2.el6_1.1.x86_64.rpm qpid-cpp-client-0.10-8.el6_1.i686.rpm qpid-cpp-client-0.10-8.el6_1.x86_64.rpm qpid-cpp-client-devel-0.10-8.el6_1.x86_64.rpm qpid-cpp-client-devel-docs-0.10-8.el6_1.noarch.rpm qpid-cpp-client-rdma-0.10-8.el6_1.x86_64.rpm qpid-cpp-client-ssl-0.10-8.el6_1.i686.rpm qpid-cpp-client-ssl-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-0.10-8.el6_1.i686.rpm qpid-cpp-server-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-cluster-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-devel-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-rdma-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-ssl-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-store-0.10-8.el6_1.x86_64.rpm qpid-cpp-server-xml-0.10-8.el6_1.x86_64.rpm rh-qpid-cpp-tests-0.10-8.el6_1.x86_64.rpm Date: Wed, 26 Oct 2011 14:06:09 -0500 Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it. Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Moderate: openssl on SL6.x i386/x86_64 Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Moderate: openssl security update Issue Date: 2011-10-26 CVE Numbers: CVE-2011-3207 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List (CRL) checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. (CVE-2011-3207) All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. SL6: i386 openssl-1.0.0-10.el6_1.5.i686.rpm openssl-debuginfo-1.0.0-10.el6_1.5.i686.rpm openssl-devel-1.0.0-10.el6_1.5.i686.rpm openssl-perl-1.0.0-10.el6_1.5.i686.rpm openssl-static-1.0.0-10.el6_1.5.i686.rpm x86_64 openssl-1.0.0-10.el6_1.5.i686.rpm openssl-1.0.0-10.el6_1.5.x86_64.rpm openssl-debuginfo-1.0.0-10.el6_1.5.i686.rpm openssl-debuginfo-1.0.0-10.el6_1.5.x86_64.rpm openssl-devel-1.0.0-10.el6_1.5.i686.rpm openssl-devel-1.0.0-10.el6_1.5.x86_64.rpm openssl-perl-1.0.0-10.el6_1.5.x86_64.rpm openssl-static-1.0.0-10.el6_1.5.x86_64.rpm - Scientific Linux Development Team lastline