Slackware 14.2: SSA:2018-226-01 Low Severity: DoS and Timing Issues

slackware

August 15, 2018

New openssl packages are available for Slackware 14.2 and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2p-i586-1_slack14.2.txz: Upgraded. This update fixes two low severity security issues: Client DoS due to large DH parameter. Cache timing vulnerability in RSA Key Generation. For more information, see: https://openssl-library.org/news/secadv/20180612.txt https://openssl-library.org/news/secadv/20180416.txt https://www.cve.org/CVERecord?id=CVE-2018-0732 https://www.cve.org/CVERecord?id=CVE-2018-0737 (* Security fix *) patches/packages/openssl-solibs-1.0.2p-i586-1_slack14.2.txz: Upgraded.

Topics Covered

security advisory package update DoS slackware low severity openssl timing issue

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 14.2:
Updated packages for Slackware x86_64 14.2:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.2 packages: cf7c40e9c66711e028671a7bb38abd99 openssl-1.0.2p-i586-1_slack14.2.txz d2850088b0aed90a45aa250ebffad451 openssl-solibs-1.0.2p-i586-1_slack14.2.txz
Slackware x86_64 14.2 packages: 9d42083aaf9c4854928ec380307ebabb openssl-1.0.2p-x86_64-1_slack14.2.txz fd566d85eb3c5cbd82e90b7215b61c91 openssl-solibs-1.0.2p-x86_64-1_slack14.2.txz
Slackware -current packages: bd79b75ed5522f75945612c2e2f5dcb8 a/openssl-solibs-1.1.0i-i586-1.txz 9aaa879284e70161ee40224c2b4660e3 n/openssl-1.1.0i-i586-1.txz
Slackware x86_64 -current packages: dadf088e88d02b583c21b1855ba875b5 a/openssl-solibs-1.1.0i-x86_64-1.txz 3ee4aa3c24eb8be63ed67a5391edffe4 n/openssl-1.1.0i-x86_64-1.txz

Severity

low

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory package update DoS slackware low severity openssl timing issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-*.txz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 14.2: SSA:2018-226-01 Low Severity: DoS and Timing Issues

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 14.2: SSA:2018-226-01 Low Severity: DoS and Timing Issues

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!