Slackware: 2019-057-01: openssl (slackware 14.2) Security Update

    Date26 Feb 2019
    CategorySlackware
    388
    Posted ByLinuxSecurity Advisories
    New openssl packages are available for Slackware 14.2 to fix a security issue.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  openssl (slackware 14.2) (SSA:2019-057-01)
    
    New openssl packages are available for Slackware 14.2 to fix a security issue.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz:  Upgraded.
      Go into the error state if a fatal alert is sent or received. If an
      application calls SSL_shutdown after a fatal alert has occured and
      then behaves different based on error codes from that function then
      the application may be vulnerable to a padding oracle.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559
      (* Security fix *)
    patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz:  Upgraded.
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (http://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on http://slackware.com for
    additional mirror sites near you.
    
    Updated packages for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz
    
    Updated packages for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2r-x86_64-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.2 packages:
    b23a71963648d515630497f203eefab8  openssl-1.0.2r-i586-1_slack14.2.txz
    8b04a9be9b78052791f02428be44a639  openssl-solibs-1.0.2r-i586-1_slack14.2.txz
    
    Slackware x86_64 14.2 packages:
    c183c2ad507a65020f13c0dc154c0b11  openssl-1.0.2r-x86_64-1_slack14.2.txz
    d656915855edd6365636ac558b8180cb  openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the packages as root:
    # upgradepkg openssl-1.0.2r-i586-1_slack14.2.txz openssl-solibs-1.0.2r-i586-1_slack14.2.txz
    
    
    +-----+
    
    You are not authorised to post comments.

    LinuxSecurity Poll

    In your opinion, what is the biggest advantage associated with choosing open-source software/products?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote
    8
    radio
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.