Slackware: 2023-038-01: openssl Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  openssl (SSA:2023-038-01)

New openssl packages are available for Slackware 15.0 and -current to
fix security issues.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/openssl-1.1.1t-i586-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  X.400 address type confusion in X.509 GeneralName.
  Timing Oracle in RSA Decryption.
  Use-after-free following BIO_new_NDEF.
  Double free after calling PEM_read_bio_ex.
  For more information, see:
    https://www.openssl.org/news/secadv/20230207.txt
    https://www.cve.org/CVERecord?id=CVE-2023-0286
    https://www.cve.org/CVERecord?id=CVE-2022-4304
    https://www.cve.org/CVERecord?id=CVE-2023-0215
    https://www.cve.org/CVERecord?id=CVE-2022-4450
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1t-i586-1_slack15.0.txz:  Upgraded.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-1.1.1t-i586-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-solibs-1.1.1t-i586-1_slack15.0.txz

Updated packages for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-1.1.1t-x86_64-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.1.1t-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.1.1t-i586-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.1.1t-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.1.1t-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 15.0 packages:
91957e9cb9b1aafd2c62ee542dcf0b46  openssl-1.1.1t-i586-1_slack15.0.txz
f016aff5335e01db83aa82273c5162e0  openssl-solibs-1.1.1t-i586-1_slack15.0.txz

Slackware x86_64 15.0 packages:
2c7c51349bf330c02664fc5471bb1f02  openssl-1.1.1t-x86_64-1_slack15.0.txz
0d2c9b98fa75eef4f69de0342b3b5521  openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz

Slackware -current packages:
d4cd4df4dad5a7b46b0d83878a7e8420  a/openssl-solibs-1.1.1t-i586-1.txz
849b9ec3e851984ec952bb1587a1e849  n/openssl-1.1.1t-i586-1.txz

Slackware x86_64 -current packages:
012ecd508d7e12f3b437d7d2aa1a9261  a/openssl-solibs-1.1.1t-x86_64-1.txz
0b5e3d4defe82eb8bec1a80180cbf0e5  n/openssl-1.1.1t-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg openssl-1.1.1t-i586-1_slack15.0.txz openssl-solibs-1.1.1t-i586-1_slack15.0.txz


+-----+

Slackware: 2023-038-01: openssl Security Update

February 7, 2023
New openssl packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssl-1.1.1t-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: X.400 address type confusion in X.509 GeneralName. Timing Oracle in RSA Decryption. Use-after-free following BIO_new_NDEF. Double free after calling PEM_read_bio_ex. For more information, see: https://www.openssl.org/news/secadv/20230207.txt https://www.cve.org/CVERecord?id=CVE-2023-0286 https://www.cve.org/CVERecord?id=CVE-2022-4304 https://www.cve.org/CVERecord?id=CVE-2023-0215 https://www.cve.org/CVERecord?id=CVE-2022-4450 (* Security fix *) patches/packages/openssl-solibs-1.1.1t-i586-1_slack15.0.txz: Upgraded.

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated packages for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-1.1.1t-i586-1_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-solibs-1.1.1t-i586-1_slack15.0.txz
Updated packages for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-1.1.1t-x86_64-1_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.1.1t-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.1.1t-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.1.1t-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.1.1t-x86_64-1.txz

MD5 Signatures

Slackware 15.0 packages: 91957e9cb9b1aafd2c62ee542dcf0b46 openssl-1.1.1t-i586-1_slack15.0.txz f016aff5335e01db83aa82273c5162e0 openssl-solibs-1.1.1t-i586-1_slack15.0.txz
Slackware x86_64 15.0 packages: 2c7c51349bf330c02664fc5471bb1f02 openssl-1.1.1t-x86_64-1_slack15.0.txz 0d2c9b98fa75eef4f69de0342b3b5521 openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz
Slackware -current packages: d4cd4df4dad5a7b46b0d83878a7e8420 a/openssl-solibs-1.1.1t-i586-1.txz 849b9ec3e851984ec952bb1587a1e849 n/openssl-1.1.1t-i586-1.txz
Slackware x86_64 -current packages: 012ecd508d7e12f3b437d7d2aa1a9261 a/openssl-solibs-1.1.1t-x86_64-1.txz 0b5e3d4defe82eb8bec1a80180cbf0e5 n/openssl-1.1.1t-x86_64-1.txz

Severity
[slackware-security] openssl (SSA:2023-038-01)
New openssl packages are available for Slackware 15.0 and -current to fix security issues.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg openssl-1.1.1t-i586-1_slack15.0.txz openssl-solibs-1.1.1t-i586-1_slack15.0.txz

Related News

Linux Kernel Vulnerabilities in Ubuntu Let Hackers Launch DOS Attack & Execute Arbitrary Code

Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy