==========================================================Ubuntu Security Notice USN-1018-1          November 18, 2010
openssl vulnerability
CVE-2010-3864
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  libssl0.9.8                     0.9.8g-4ubuntu3.12

Ubuntu 9.10:
  libssl0.9.8                     0.9.8g-16ubuntu3.4

Ubuntu 10.04 LTS:
  libssl0.9.8                     0.9.8k-7ubuntu8.4

Ubuntu 10.10:
  libssl0.9.8                     0.9.8o-1ubuntu4.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

Details follow:

Rob Hulswit discovered a race condition in the OpenSSL TLS server
extension parsing code when used within a threaded server. A remote
attacker could trigger this flaw to cause a denial of service
or possibly execute arbitrary code with application privileges.
(CVE-2010-3864)


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

          Size/MD5:    73629 8e83dfc0b87bcbae8b314538a3468030
          Size/MD5:     1563 e2ad4535833ad250f3a80547f74ff939
          Size/MD5:  3354792 acf70a16359bf3658bdfb74bda1c4419

  Architecture independent packages:

          Size/MD5:   641642 1b8774cb48f140e2a65b44425e6a84a9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   604226 701b868dae6ff3b4acaecba7e4805c73
          Size/MD5:  2084370 9dc23d12935cc2deaf0764464fb5c165
          Size/MD5:  1621412 21a0195a5b94a95c0f31a11cdb442332
          Size/MD5:   941460 36b4e23bedeaee6dd3c950578da33ce1
          Size/MD5:   392742 4a8010b5cd8f1b489660479bee7667ed

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   564968 3e35d334fe54a00fb455b9c5a540775d
          Size/MD5:  1958032 2be87dd83d0296d0289eb62e25e28d88
          Size/MD5:  5410054 d9c82287b3e43f6cbdc9d6f371983967
          Size/MD5:  2860472 3061edbd23d5c0647588a8ad2567cd84
          Size/MD5:   387702 7eb7b9e1284eb43f8d840455e6eb83b0

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   535616 b226bddb20b4f228d7218a22f986d9fa
          Size/MD5:  1932078 903a47c3d8ba7ad7eeb1b184fb475d75
          Size/MD5:  1532942 7594def771ba6c7c24d6da4557899ce5
          Size/MD5:   852414 c5b8154e801e4ff4e6a5c6e81d284599
          Size/MD5:   392078 695a93af2b6a22f8b2871d854679b854

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   610448 f22581d0b31ea15eba35688d89127eed
          Size/MD5:  2091252 5dd7ddf2bf6acbce76b9fa0895c021cb
          Size/MD5:  1658682 d9d826c948abbac11f786b44d6a39f31
          Size/MD5:   953672 a3b3b5919a66d891259eb5727a11c400
          Size/MD5:   401062 934b6bac1c1a830b1fb26f163b52787b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   559790 ef57e27f275920eaeb74c6e82a82bf6c
          Size/MD5:  1995864 a218c99c8c6959d82c1c147e10878465
          Size/MD5:  3926654 8d863a5893c646537cc65a52a10e9a9f
          Size/MD5:  2264484 1767c764a099a5dc707ba92c8bde0f95
          Size/MD5:   400286 3e7562cd8baa00bd9942ca99ed8816f9

Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:    74892 1e76acd1459b1dc464dd3df22e31ebf9
          Size/MD5:     2078 1ab15c05257995dd4c382867664494f9
          Size/MD5:  3354792 acf70a16359bf3658bdfb74bda1c4419

  Architecture independent packages:

          Size/MD5:   632332 4a6b90fd29854736a4d8ee9a4582aa43

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   628188 7df7819e135f6376dbc9394161663417
          Size/MD5:  2126128 4f30af8c22ae9946674588b87d61443b
          Size/MD5:  1639434 d4f6438ad31595e4f202a2d7443658d8
          Size/MD5:   966666 9a5b309423d255e4a25b4dbe94dda4c3
          Size/MD5:   403894 e1c22f4d8b6024b3c7dc5fbd552ca774

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   571492 5b6cf1f96d0faddd984ce167376dd154
          Size/MD5:  1974686 b3f853df1ed132689b3e21a017659f80
          Size/MD5:  5631780 d709c5a272075b25a4c15b4c2f808c7c
          Size/MD5:  2923378 8c20a97ed8ee25ee1e3e3aa58bfaa821
          Size/MD5:   397868 6a44829f6f0d541f90399fd2d7b8dc80

  armel architecture (ARM Architecture):

          Size/MD5:   541456 12957059c22f1acecd59719f24b9bd6e
          Size/MD5:  1962502 4abe36617e61515ac4c7b407c27e137e
          Size/MD5:  1537386 72c7c7a258af3df54ca74e6df6b19c0f
          Size/MD5:   856732 3368c9e7825937c1b414cbe362b77b1e
          Size/MD5:   393190 9fb61fc13bb6d73f31c3ffd587a13ebe

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   547518 8b6a7781982f8e20311427ced73531c5
          Size/MD5:  1957320 2003c2b4285c825743b2b5307c892a91
          Size/MD5:  1590426 4cabbb4c4f7c0e2de8316a2e2a466c6e
          Size/MD5:   868652 37eb45b5905a43660d9fb273344c9069
          Size/MD5:   399904 879319ad09dfe58eb0ca1a002440b5ea

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   619102 510c588a0aa69cff82cbee62d4a1c896
          Size/MD5:  2115912 3694909ac8d3252c103b697010bbf81f
          Size/MD5:  1697564 f1f0c9cb748e83af3cadbab54822d194
          Size/MD5:   951104 63d368910255790e13f1d6dccb37af61
          Size/MD5:   399368 b8b4c8b5c72cc017ca5672198d9bf2aa

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   563634 c466030f028e70dfa747932614220ac4
          Size/MD5:  2008228 be9a8ee1feb1aa4ea62679ca2fd8bd0f
          Size/MD5:  3995200 fa2db7f4fc5bf4af9341b53c9ba85ff0
          Size/MD5:  2283626 d9704a064c6a85ac92e946ca2faa65ea
          Size/MD5:   409332 06606e1d335f32e3e44e48d8afa6d1a8

Updated packages for Ubuntu 10.04 LTS:

  Source archives:

          Size/MD5:   110806 b6a72f5617d3e743da730f947365450f
          Size/MD5:     2102 5fad7d8112b789093a8b74b61d894dd7
          Size/MD5:  3852259 e555c6d58d276aec7fdc53363e338ab3

  Architecture independent packages:

          Size/MD5:   640484 65f89cd09503e9dfd2a792cccb2ce7e0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   630234 2abd8fa21277e78526c267d5a32c6bc1
          Size/MD5:  2150212 e153c8f55f48da761f9735f9cba56007
          Size/MD5:  1647148 cd992f2083ff30d39486a505c94ca81d
          Size/MD5:   136200 e61ecac6d3a681ed5aad1f9fec4c6eea
          Size/MD5:   979012 fdf5cad65e1b1a49a6ab7c87a5191166
          Size/MD5:   407424 f5b300a9550da7a9ce44a33591d1238d

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   582640 3331eb0a84a73db5c2a9615e8bcf7904
          Size/MD5:  2006546 c98ca08ce6c8e3794f66aa742567c12c
          Size/MD5:  5806250 dfb40541f377c6b0172915252ab6f1ad
          Size/MD5:   129764 3dffc9e476e03e31d7cf87e613cf6347
          Size/MD5:  3014970 a4aba084160b01e25784889c4d0bf985
          Size/MD5:   400394 0cbe4b15430e06ca2bbf9eb83db2f85e

  armel architecture (ARM Architecture):

          Size/MD5:   532310 61434da163a63ea2be3cb58b633fc846
          Size/MD5:  1930856 a2e8d1d2c9fc9129b377bf7abcc733cc
          Size/MD5:  1627102 ceaa13f3900374692d226ccf4f8213a8
          Size/MD5:   115694 9c8552651df4f2a58f837e7a9d7fafc8
          Size/MD5:   850126 ffcf71c45014f47bb073c35ea3791ca3
          Size/MD5:   395314 d7f37f0bc27c12dd6b6b403f4b3cb4a9

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   627048 213a69bc3eb7655f515607978ae33f3f
          Size/MD5:  2147558 1e0f72bf7bcb162dc7d019d4c38da139
          Size/MD5:  1718724 de13bd56b8766f7a3a0af63a6746fdb4
          Size/MD5:   135590 64ccc06313a43097e4a8078f326f322d
          Size/MD5:   969534 7618d2e2d3c177b8133e977148f0fa51
          Size/MD5:   402854 7cdebbca62cd476110fd6873a68af8c2

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   597972 b50635a10bde28f8cb90ad32c4c86ace
          Size/MD5:  2065616 c4a77c3e7591e46f12c17e74600d8e8c
          Size/MD5:  4094484 c854f28a4b5c3d5a5224162c2e73fd1c
          Size/MD5:   125876 ec4b4590d98e5afbecab93a8bfcaafc6
          Size/MD5:  2353966 2c604a9bf413bfcca5849f62b72dc213
          Size/MD5:   419326 5b84ac9a8a66b2905c8583794c27f40b

Updated packages for Ubuntu 10.10:

  Source archives:

          Size/MD5:    90421 382ee5838fb9302d6eb05fd7eabad0c5
          Size/MD5:     2118 c69e897130a8d5ca87745eeab5617a58
          Size/MD5:  3772542 63ddc5116488985e820075e65fbe6aa4

  Architecture independent packages:

          Size/MD5:   654054 b647f3b682bc1575a39b0ceb5925b34b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   620310 aebe6090da811e53dc923db32ea63934
          Size/MD5:  2160054 b604084db32fa210f941ef9616cd8790
          Size/MD5:  1550408 392da3a38355be1628248b7d0e3f4b05
          Size/MD5:   137398 9cc43201b3c58c03ff02d41d37125edc
          Size/MD5:   923292 995e8c23b321386e920314b0e689c431
          Size/MD5:   406972 f38f8d9e1cfaf8c62e5dd018d401466b

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   570732 96c6c35ab562a7b6f8ae420586983800
          Size/MD5:  2019446 6d5dba75b78c9d4bc3115259a13ee7a1
          Size/MD5:  1553214 133f3f1119a0efceaa2a32bc3513a509
          Size/MD5:   130550 2d09f5353c962d6663b376798c027821
          Size/MD5:   867398 2b1938418f0536821825b819ec0d28fd
          Size/MD5:   400256 6760d7da6ad7f9e4c78ccff24ace8cf4

  armel architecture (ARM Architecture):

          Size/MD5:   566064 35d4823c92f9cf6e3ec4455bd8df3bc7
          Size/MD5:  2012398 7004fecedfa647a5efebc32f79f77495
          Size/MD5:  1542246 4a2fb36021977ad1242c194e69247ccc
          Size/MD5:   120490 09b5012db260645b50e8fd22af47ee11
          Size/MD5:   851492 b77a33a9380998f7b67ae35e6eab777d
          Size/MD5:   406486 06e635ce46acd6a330f58c8cb9bb9776

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   616136 f2235905b40c025453324a44344cb1f2
          Size/MD5:  2154606 c377e7746a7ccaa408e1251c52fb3447
          Size/MD5:  1618532 58344409611a12394988f722708cf7e3
          Size/MD5:   136118 ea4c3820ae462a69fdb0d65469b93cdc
          Size/MD5:   917576 0358271b7a26fbd3ad7f4568a2d1f9dc
          Size/MD5:   402020 78c7f6d5915dc65d3e6ea47f930fe181

Ubuntu 1018-1: OpenSSL vulnerability

November 18, 2010
Rob Hulswit discovered a race condition in the OpenSSL TLS serverextension parsing code when used within a threaded server

Summary

Update Instructions

References

Severity
openssl vulnerability

Package Information

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved