[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-2006:0695-01] Important: openssl security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2006:0695-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2006-0695.html
Issue date:        2006-09-28
Updated on:        2006-09-28
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 
                   CVE-2006-4343 
- ---------------------------------------------------------------------

1. Summary:

Updated OpenSSL packages are now available to correct several security issues.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and protocols.

Tavis Ormandy and Will Drewry of the Google Security Team discovered a
buffer overflow in the SSL_get_shared_ciphers() utility function.  An
attacker could send a list of ciphers to an application that used this
function and overrun a buffer (CVE-2006-3738).  Few applications make use
of this vulnerable function and generally it is used only when applications
are compiled for debugging.

Tavis Ormandy and Will Drewry of the Google Security Team discovered a 
flaw in the SSLv2 client code.  When a client application used OpenSSL to
create an SSLv2 connection to a malicious server, that server could cause
the client to crash.  (CVE-2006-4343)

Dr S. N. Henson of the OpenSSL core team and Open Network Security recently
developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered
denial of service vulnerabilities: 

* Certain public key types can take disproportionate amounts of time to
process, leading to a denial of service.  (CVE-2006-2940)

* During parsing of certain invalid ASN.1 structures an error condition was
mishandled.  This can result in an infinite loop which consumed system
memory (CVE-2006-2937).  This issue does not affect the OpenSSL version
distributed in Red Hat Enterprise Linux 2.1.

These vulnerabilities can affect applications which use OpenSSL to parse
ASN.1 data from untrusted sources, including SSL servers which enable
client authentication and S/MIME applications.

Users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues.

Note: After installing this update, users are advised to either restart all
services that use OpenSSL or restart their system.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

206940 - CVE-2006-3738 OpenSSL issues (CVE-2006-4343)
207274 - CVE-2006-2940 OpenSSL Parasitic Public Keys
207276 - CVE-2006-2937 OpenSSL ASN1 DoS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca  openssl-0.9.6b-46.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl095a-0.9.5a-32.src.rpm
31991401d1065d4934f00a7cb0b35b30  openssl095a-0.9.5a-32.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl096-0.9.6-32.src.rpm
f2854e9ff45b62b93e8f9cb1b59a05c1  openssl096-0.9.6-32.src.rpm

i386:
c28b3f1b264ab2ea1986cf2c0f211437  openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede  openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129  openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8  openssl-perl-0.9.6b-46.i386.rpm
a0212f46e2e06dc8557154fd444b8277  openssl095a-0.9.5a-32.i386.rpm
b64b17ba8f32468723a569d36642defc  openssl096-0.9.6-32.i386.rpm

ia64:
910ab86216c49bfd0091f10f77da729c  openssl-0.9.6b-46.ia64.rpm
7f9f4c612988c83a7a42849eee5cd8cd  openssl-devel-0.9.6b-46.ia64.rpm
6741a6cad4ee2bd6971ec6c2ae4744af  openssl-perl-0.9.6b-46.ia64.rpm
23953bd1c31641930574c3e72256f026  openssl095a-0.9.5a-32.ia64.rpm
1a1277a9803202b82258d8e0194bd559  openssl096-0.9.6-32.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca  openssl-0.9.6b-46.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl095a-0.9.5a-32.src.rpm
31991401d1065d4934f00a7cb0b35b30  openssl095a-0.9.5a-32.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl096-0.9.6-32.src.rpm
f2854e9ff45b62b93e8f9cb1b59a05c1  openssl096-0.9.6-32.src.rpm

ia64:
910ab86216c49bfd0091f10f77da729c  openssl-0.9.6b-46.ia64.rpm
7f9f4c612988c83a7a42849eee5cd8cd  openssl-devel-0.9.6b-46.ia64.rpm
6741a6cad4ee2bd6971ec6c2ae4744af  openssl-perl-0.9.6b-46.ia64.rpm
23953bd1c31641930574c3e72256f026  openssl095a-0.9.5a-32.ia64.rpm
1a1277a9803202b82258d8e0194bd559  openssl096-0.9.6-32.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/openssl-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca  openssl-0.9.6b-46.src.rpm

i386:
c28b3f1b264ab2ea1986cf2c0f211437  openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede  openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129  openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8  openssl-perl-0.9.6b-46.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/openssl-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca  openssl-0.9.6b-46.src.rpm

i386:
c28b3f1b264ab2ea1986cf2c0f211437  openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede  openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129  openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8  openssl-perl-0.9.6b-46.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e  openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d  openssl096b-0.9.6b-16.46.src.rpm

i386:
827852982785bfa3d5df09de6ff75091  openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2  openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0  openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90  openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm

ia64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9  openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9  openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436  openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad  openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669  openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174  openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm

ppc:
23dd92775b7dff6f9af187e70189a441  openssl-0.9.7a-33.21.ppc.rpm
fdd82d793ffa19d4b2cb24436715b6ef  openssl-0.9.7a-33.21.ppc64.rpm
646c09be6961463a5dd1c73c396addac  openssl-debuginfo-0.9.7a-33.21.ppc.rpm
c34b6862bc1ddca063e8983ed66cd9b3  openssl-debuginfo-0.9.7a-33.21.ppc64.rpm
cf07c421339a5cbc7b83b445dc83cbb3  openssl-devel-0.9.7a-33.21.ppc.rpm
4b64038e9b9e1a21125ed5fe96936f3a  openssl-perl-0.9.7a-33.21.ppc.rpm
251d55b641566819d7a622c3df7adae2  openssl096b-0.9.6b-16.46.ppc.rpm
2c25be65c057819ecfc49c2c8358839f  openssl096b-debuginfo-0.9.6b-16.46.ppc.rpm

s390:
4537fa728fbd6535bf9ebfc1dfae9db4  openssl-0.9.7a-33.21.s390.rpm
4ebd21d1b7be9ba245d3e0370f670c81  openssl-debuginfo-0.9.7a-33.21.s390.rpm
0ca48923672d80934b89dd4f23f19477  openssl-devel-0.9.7a-33.21.s390.rpm
586f5db21d131f1124b6c9a86a06392f  openssl-perl-0.9.7a-33.21.s390.rpm
ba87b58750856cc18d5de41573455ad6  openssl096b-0.9.6b-16.46.s390.rpm
3e9db2b43a0bb3e580fbfd02efbf15db  openssl096b-debuginfo-0.9.6b-16.46.s390.rpm

s390x:
4537fa728fbd6535bf9ebfc1dfae9db4  openssl-0.9.7a-33.21.s390.rpm
287730c6542c5f6f75f21175bc35663a  openssl-0.9.7a-33.21.s390x.rpm
4ebd21d1b7be9ba245d3e0370f670c81  openssl-debuginfo-0.9.7a-33.21.s390.rpm
2fbb8d077dc825d6db60336d372018fb  openssl-debuginfo-0.9.7a-33.21.s390x.rpm
03d78bb245573ca4dee34deeb38147de  openssl-devel-0.9.7a-33.21.s390x.rpm
3e74b96f4ede173e0c9ec76d39991759  openssl-perl-0.9.7a-33.21.s390x.rpm
ba87b58750856cc18d5de41573455ad6  openssl096b-0.9.6b-16.46.s390.rpm
3e9db2b43a0bb3e580fbfd02efbf15db  openssl096b-debuginfo-0.9.6b-16.46.s390.rpm

x86_64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb  openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea  openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f  openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7  openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828  openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340  openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e  openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d  openssl096b-0.9.6b-16.46.src.rpm

i386:
827852982785bfa3d5df09de6ff75091  openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2  openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0  openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90  openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm

x86_64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb  openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea  openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f  openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7  openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828  openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340  openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e  openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d  openssl096b-0.9.6b-16.46.src.rpm

i386:
827852982785bfa3d5df09de6ff75091  openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2  openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0  openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90  openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm

ia64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9  openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9  openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436  openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad  openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669  openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174  openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm

x86_64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb  openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea  openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f  openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7  openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828  openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340  openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e  openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d  openssl096b-0.9.6b-16.46.src.rpm

i386:
827852982785bfa3d5df09de6ff75091  openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2  openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0  openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90  openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm

ia64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9  openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9  openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436  openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad  openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669  openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174  openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm

x86_64:
0ddbef7542c03a39e5b783befa49faf9  openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb  openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850  openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea  openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f  openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7  openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac  openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828  openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2  openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340  openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca  openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485  openssl096b-0.9.6b-22.46.src.rpm

i386:
064f523a3b6f886949031d85902a74e0  openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f  openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2  openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3  openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm

ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129  openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e  openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176  openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4  openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad  openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472  openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm

ppc:
3cf9896ac1e976947a0a3112dc99a22c  openssl-0.9.7a-43.14.ppc.rpm
67279d21b053d35fe41ba527de3bd00a  openssl-0.9.7a-43.14.ppc64.rpm
e429b5da40d4754f3a1a3cfb308aada7  openssl-debuginfo-0.9.7a-43.14.ppc.rpm
498dc98df0ef7429e3f14281be63511c  openssl-debuginfo-0.9.7a-43.14.ppc64.rpm
339baf396db81a6d86eb73cdd5a10695  openssl-devel-0.9.7a-43.14.ppc.rpm
fdb5013a4955aea544c7117e0af9644c  openssl-perl-0.9.7a-43.14.ppc.rpm
a1efe172641a72e4511f378440e3c634  openssl096b-0.9.6b-22.46.ppc.rpm
33e8777bd1578e542fe003aff01ece81  openssl096b-debuginfo-0.9.6b-22.46.ppc.rpm

s390:
f19acccd901c289a66ca894f0830dcd0  openssl-0.9.7a-43.14.s390.rpm
7710ad84a6590b29435b22ed8c4d179a  openssl-debuginfo-0.9.7a-43.14.s390.rpm
79dbb4ef618a8aec8878f8ef5bf8cb47  openssl-devel-0.9.7a-43.14.s390.rpm
4b390d89960d1a19a25f42f5d7af77fa  openssl-perl-0.9.7a-43.14.s390.rpm
6ad760a809f7f821b62433a8c7afb13a  openssl096b-0.9.6b-22.46.s390.rpm
e46cc5bb3f7c9e45203135adca5a0469  openssl096b-debuginfo-0.9.6b-22.46.s390.rpm

s390x:
f19acccd901c289a66ca894f0830dcd0  openssl-0.9.7a-43.14.s390.rpm
f97c0a205796a8db148638282a582bbf  openssl-0.9.7a-43.14.s390x.rpm
7710ad84a6590b29435b22ed8c4d179a  openssl-debuginfo-0.9.7a-43.14.s390.rpm
56467884c4ba2e27fe5683374ae680a8  openssl-debuginfo-0.9.7a-43.14.s390x.rpm
0fdb4a82e29561809e89553b6006d981  openssl-devel-0.9.7a-43.14.s390x.rpm
04b452e3a8516723b12b41d3e047a07f  openssl-perl-0.9.7a-43.14.s390x.rpm
6ad760a809f7f821b62433a8c7afb13a  openssl096b-0.9.6b-22.46.s390.rpm
e46cc5bb3f7c9e45203135adca5a0469  openssl096b-debuginfo-0.9.6b-22.46.s390.rpm

x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21  openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729  openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa  openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3  openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad  openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53  openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca  openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485  openssl096b-0.9.6b-22.46.src.rpm

i386:
064f523a3b6f886949031d85902a74e0  openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f  openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2  openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3  openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm

x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21  openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729  openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa  openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3  openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad  openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53  openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca  openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485  openssl096b-0.9.6b-22.46.src.rpm

i386:
064f523a3b6f886949031d85902a74e0  openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f  openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2  openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3  openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm

ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129  openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e  openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176  openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4  openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad  openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472  openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm

x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21  openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729  openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa  openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3  openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad  openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53  openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca  openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485  openssl096b-0.9.6b-22.46.src.rpm

i386:
064f523a3b6f886949031d85902a74e0  openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f  openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2  openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3  openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm

ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129  openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e  openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176  openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4  openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad  openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472  openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm

x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb  openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21  openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b  openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729  openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa  openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3  openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191  openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad  openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e  openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53  openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
http://www.openssl.org/news/secadv_20060928.txt
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert redhat com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD4DBQFFHGhiXlSAg2UNWIIRAu2nAJYmwwtHpc8OC4IXFDMeFwIFJztXAKCgqcYG
qrzF4JgziN2vb1RzGtlVrA==
=3avm
-----END PGP SIGNATURE-----



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]