Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Slackware 14.1 Security Update: OpenSSL Critical Issues Addressed

slackware
Calendar Grey August 8, 2014
Dist Slackware Esm H88
Latest openssl updates released for Slackware. Immediate upgrade recommended to address essential security vulnerabilities. Take action now!
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. This update fixes several security issues: Double Free when processing DTLS packets (CVE-2014-3505) DTLS memory exhaustion (CVE-2014-3506) DTLS memory leak from zero-length fragments (CVE-2014-3507) Information leak in pretty printing functions (CVE-2014-3508) Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) OpenSSL TLS protocol downgrade attack (CVE-2014-3511) SRP buffer overrun (CVE-2014-3512) Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) For more information, see: https://www.cve.org/CVERecord?id=CVE-2014-3505 https://www.cve.org/CVERecord?id=CVE-2014-3506 https://www.cve.org/CVERecord?id=CVE-2014-3507 https://www.cve.org/CVERecord?id=CVE-2014-3508 https://www.cve.org/CVERecord?id=CVE-2014-3509

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory critical package update Slackware Denial of Service openssl Urgent

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 13.0:
Updated packages for Slackware x86_64 13.0:
Updated packages for Slackware 13.1:
Updated packages for Slackware x86_64 13.1:
Updated packages for Slackware 13.37:
Updated packages for Slackware x86_64 13.37:
Updated packages for Slackware 14.0:
Updated packages for Slackware x86_64 14.0:
Updated packages for Slackware 14.1:
Updated packages for Slackware x86_64 14.1:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 packages: 30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz 3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz 075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz 92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: df5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz 582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz b80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz 0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz
Slackware 14.0 packages: d1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz ec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz 25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz 4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: f2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz 4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz
Slackware -current packages: 49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz 27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz
Slackware x86_64 -current packages: 8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz fd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical package update Slackware Denial of Service openssl Urgent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz

Related News

Your message here