Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Slackware 14.1 Security Update: OpenSSL Critical Threat Resolved

slackware
Calendar Grey January 9, 2015
Dist Slackware Esm H88
Fresh OpenSSL updates released for Slackware addressing vulnerabilities. Check out the specifics on these essential patches and the steps for upgrading.
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssl-1.0.1k-i486-1_slack14.1.txz: Upgraded. This update fixes several security issues: DTLS segmentation fault in dtls1_get_record (CVE-2014-3571) DTLS memory leak in dtls1_buffer_record (CVE-2015-0206) no-ssl3 configuration sets method to NULL (CVE-2014-3569) ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572) RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) DH client certificates accepted without verification [Server] (CVE-2015-0205) Certificate fingerprints can be modified (CVE-2014-8275) Bignum squaring may produce incorrect results (CVE-2014-3570) For more information, see: https://www.cve.org/CVERecord?id=CVE-2014-3571 https://www.cve.org/CVERecord?id=CVE-2015-0206 https://www.cve.org/CVERecord?id=CVE-2014-3569 https://www.cve.org/CVERecord?id=CVE-2014-3572 https://www.cve.org/CVERecord?id=CVE-2015-0204

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory DoS security fix critical threat package upgrade Slackware openssl

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 13.0:
Updated packages for Slackware x86_64 13.0:
Updated packages for Slackware 13.1:
Updated packages for Slackware x86_64 13.1:
Updated packages for Slackware 13.37:
Updated packages for Slackware x86_64 13.37:
Updated packages for Slackware 14.0:
Updated packages for Slackware x86_64 14.0:
Updated packages for Slackware 14.1:
Updated packages for Slackware x86_64 14.1:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 packages: 7011638e44786670642a29b13adbb4cd openssl-0.9.8zd-i486-1_slack13.0.txz 239cd5697b2633e68aae60f84728ec3d openssl-solibs-0.9.8zd-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 953f3ea84349050f9075d69f190c4ef0 openssl-0.9.8zd-x86_64-1_slack13.0.txz e4cb8384a1a5fd0730f47b0d66844973 openssl-solibs-0.9.8zd-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 60a91060b530795c3aec7776e559069b openssl-0.9.8zd-i486-1_slack13.1.txz 25833ee7c47234dfc57333e4e6ac9516 openssl-solibs-0.9.8zd-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 936f04a96087ac8b242fc468ab4902af openssl-0.9.8zd-x86_64-1_slack13.1.txz 2e822308f12b71adbe1d63d3bb7dac44 openssl-solibs-0.9.8zd-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 90d89193c9625543a0b22595ba6e6989 openssl-0.9.8zd-i486-1_slack13.37.txz 83d2ba9b537949d5a882433c19232049 openssl-solibs-0.9.8zd-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 644c8acaf2ea6f5ea6fd197ee3d367f9 openssl-0.9.8zd-x86_64-1_slack13.37.txz ebbae4f2e239906132fddbc8cc1f64cb openssl-solibs-0.9.8zd-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 4400c395a2de5b68e880a76092dadd47 openssl-1.0.1k-i486-1_slack14.0.txz b2455038898a8715310f4ab732c11f71 openssl-solibs-1.0.1k-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: f912cf9ec0d25495b1534c61563541be openssl-1.0.1k-x86_64-1_slack14.0.txz 4eeed382d27de024e4f9e69aec1c148d openssl-solibs-1.0.1k-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 299f48c01718e425e44844f54b34199d openssl-1.0.1k-i486-1_slack14.1.txz ca6b49bb17c602e6637edca5686afc10 openssl-solibs-1.0.1k-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: b9071e68e60d598a85659df0519131c2 openssl-1.0.1k-x86_64-1_slack14.1.txz a835c6471b1cf5b162afe0782a6384bc openssl-solibs-1.0.1k-x86_64-1_slack14.1.txz
Slackware -current packages: cb7d3aa850b3cfe54abd1eb61c881cc7 a/openssl-solibs-1.0.1k-i486-1.txz 00ae9f01693bf86a709fd79b0e8cd099 n/openssl-1.0.1k-i486-1.txz
Slackware x86_64 -current packages: 727887e756148bb1d28fa348804fcdb9 a/openssl-solibs-1.0.1k-x86_64-1.txz 9c254936144f5aaaf8fe4eee033f5658 n/openssl-1.0.1k-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory DoS security fix critical threat package upgrade Slackware openssl

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-1.0.1k-i486-1_slack14.1.txz openssl-solibs-1.0.1k-i486-1_slack14.1.txz

Related News

Your message here