Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Slackware: 2006-257-02 Critical: OpenSSL Signature Forgery Fix

slackware
Calendar Grey September 14, 2006
Dist Slackware Esm H88
Update the OpenSSL packages for Slackware to address a critical vulnerability related to signature forgery.
New openssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a signature forgery security issue

Summary

Here are the details from the Slackware 10.2 ChangeLog: patches/packages/openssl-0.9.7g-i486-3_slack10.2.tgz: Patched an issue where it is possible to forge certain kinds of RSA signatures. For more information, see: https://www.cve.org/CVERecord?id=CVE-2006-4339 patches/packages/openssl-solibs-0.9.7g-i486-3_slack10.2.tgz: Patched an issue where it is possible to forge certain kinds of RSA signatures. For more information, see: https://www.cve.org/CVERecord?id=CVE-2006-4339 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical package update slackware openssl signature forgery

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 8.1: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-0.9.6m-i386-3_slack8.1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-solibs-0.9.6m-i386-3_slack8.1.tgz
Updated packages for Slackware 9.0:
Updated packages for Slackware 9.1:
Updated packages for Slackware 10.0:
Updated packages for Slackware 10.1:
Updated packages for Slackware 10.2:
Updated packages for Slackware -current:

MD5 Signatures

Slackware 8.1 package: 8eb460bcf30a2b8649b43ce085a2d629 openssl-0.9.6m-i386-3_slack8.1.tgz 43578bf56567cec38b361a47af7d23d0 openssl-solibs-0.9.6m-i386-3_slack8.1.tgz
Slackware 9.0 package: 51dee49448ec798ebd0b317a72c7e81f openssl-0.9.7d-i386-3_slack9.0.tgz 27f40cc16422feed2e068d8066c9452c openssl-solibs-0.9.7d-i386-3_slack9.0.tgz
Slackware 9.1 package: fec2941e31e0a50de2c5eb6059ccbcc2 openssl-0.9.7d-i486-3_slack9.1.tgz 840095da5157bf39858c3f0107db7869 openssl-solibs-0.9.7d-i486-3_slack9.1.tgz
Slackware 10.0 package: 2d338b944b751cfb45e0223525209252 openssl-0.9.7d-i486-3_slack10.0.tgz 55e97324e33cfabd94193236409a3150 openssl-solibs-0.9.7d-i486-3_slack10.0.tgz
Slackware 10.1 package: ac64c572b69525577d9b76140e40a6c4 openssl-0.9.7e-i486-5_slack10.1.tgz ed748fda21abe6a712528c0e4925b0d5 openssl-solibs-0.9.7e-i486-5_slack10.1.tgz
Slackware 10.2 package: 2cf5cc14e372810841d9b9d5baf7463f openssl-0.9.7g-i486-3_slack10.2.tgz 462d464d137df3a86a40e8cf0855b4a0 openssl-solibs-0.9.7g-i486-3_slack10.2.tgz
Slackware -current package: bea03b7a361267a61c7f97ef8065e178 openssl-0.9.8b-i486-2.tgz d7adfc4403f42015eeb94e8d93feba74 openssl-solibs-0.9.8b-i486-2.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical package update slackware openssl signature forgery

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-solibs-0.9.7g-i486-3_slack10.2.tgz openssl-0.9.7g-i486-3_slack10.2.tgz

Related News

Your message here