What Are You Looking For?

Sign Up

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  openssl (SSA:2009-098-01)

New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2,
and -current to fix security issues.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590


Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/openssl-0.9.8h-i486-3_slack12.0.tgz:  Patched (see below).
patches/packages/openssl-solibs-0.9.8h-i486-3_slack12.0.tgz:
  Patched to fix possible crashes as well as a (fairly unlikely) case
  where an invalid signature might verify as valid.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 11.0:
 openssl-solibs-0.9.8h-i486-3_slack11.0.tgz

Updated package for Slackware 12.0:
 openssl-solibs-0.9.8h-i486-3_slack12.0.tgz

Updated package for Slackware 12.1:
 openssl-solibs-0.9.8h-i486-3_slack12.1.tgz

Updated package for Slackware 12.2:
 openssl-solibs-0.9.8i-i486-3_slack12.2.tgz

Updated package for Slackware -current:
 n/openssl-0.9.8k-i486-1.tgz


MD5 signatures:
+-------------+

Slackware 11.0 packages:
e44ec3cba02b75d0a9a2eaa3497cacdd  openssl-0.9.8h-i486-3_slack11.0.tgz
58d2055da525dbce5b311c2b40fad7dc  openssl-solibs-0.9.8h-i486-3_slack11.0.tgz

Slackware 12.0 packages:
5784077250604b326baa2a34f6ead905  openssl-0.9.8h-i486-3_slack12.0.tgz
60b6ed4db2f76634abeab1a99b90cd87  openssl-solibs-0.9.8h-i486-3_slack12.0.tgz

Slackware 12.1 packages:
c83b32d650ade46c3fd162c11fa749fb  openssl-0.9.8h-i486-3_slack12.1.tgz
abda6caa9130093004dd87e093d4a93f  openssl-solibs-0.9.8h-i486-3_slack12.1.tgz

Slackware 12.2 packages:
c910652909f75aa654dfb2835e474edf  openssl-0.9.8i-i486-3_slack12.2.tgz
1acff931e71bddeed83a7ee4726286fa  openssl-solibs-0.9.8i-i486-3_slack12.2.tgz

Slackware -current packages:
b90377904539671507c04168172c4c6c  openssl-solibs-0.9.8k-i486-1.tgz
a43244be109e42168f251f04cef10dd6  openssl-0.9.8k-i486-1.tgz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg openssl-0.9.8i-i486-3_slack12.2.tgz openssl-solibs-0.9.8i-i486-3_slack12.2.tgz


+-----+

Slackware: 2009-098-01: openssl Security Update

April 8, 2009
New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/openssl-0.9.8h-i486-3_slack12.0.tgz: Patched (see below). patches/packages/openssl-solibs-0.9.8h-i486-3_slack12.0.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *)

Where Find New Packages

Updated package for Slackware 11.0: openssl-solibs-0.9.8h-i486-3_slack11.0.tgz
Updated package for Slackware 12.0: openssl-solibs-0.9.8h-i486-3_slack12.0.tgz
Updated package for Slackware 12.1: openssl-solibs-0.9.8h-i486-3_slack12.1.tgz
Updated package for Slackware 12.2: openssl-solibs-0.9.8i-i486-3_slack12.2.tgz
Updated package for Slackware -current: n/openssl-0.9.8k-i486-1.tgz

MD5 Signatures

Slackware 11.0 packages: e44ec3cba02b75d0a9a2eaa3497cacdd openssl-0.9.8h-i486-3_slack11.0.tgz 58d2055da525dbce5b311c2b40fad7dc openssl-solibs-0.9.8h-i486-3_slack11.0.tgz
Slackware 12.0 packages: 5784077250604b326baa2a34f6ead905 openssl-0.9.8h-i486-3_slack12.0.tgz 60b6ed4db2f76634abeab1a99b90cd87 openssl-solibs-0.9.8h-i486-3_slack12.0.tgz
Slackware 12.1 packages: c83b32d650ade46c3fd162c11fa749fb openssl-0.9.8h-i486-3_slack12.1.tgz abda6caa9130093004dd87e093d4a93f openssl-solibs-0.9.8h-i486-3_slack12.1.tgz
Slackware 12.2 packages: c910652909f75aa654dfb2835e474edf openssl-0.9.8i-i486-3_slack12.2.tgz 1acff931e71bddeed83a7ee4726286fa openssl-solibs-0.9.8i-i486-3_slack12.2.tgz
Slackware -current packages: b90377904539671507c04168172c4c6c openssl-solibs-0.9.8k-i486-1.tgz a43244be109e42168f251f04cef10dd6 openssl-0.9.8k-i486-1.tgz

Severity
[slackware-security] openssl (SSA:2009-098-01)
New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues.
More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-0.9.8i-i486-3_slack12.2.tgz openssl-solibs-0.9.8i-i486-3_slack12.2.tgz

Related News

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

OpenSSL 3.2 Adds Support for TCP Fast Open on Linux, Argon2 KDF, and More

Nov 27, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo