Fedora Update Notification
FEDORA-2004-095
2004-03-19
---------------------------------------------------------------------

Name        : openssl
Version     : 0.9.7a                      
Release     : 33.10                  
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

---------------------------------------------------------------------
Update Information:

This update includes OpenSSL packages to fix two security issues
affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE
CAN-2004-0079 and CVE CAN-2003-0851.

Also included are updates for the OpenSSL 0.9.6 and 0.9.6b
compatibility libraries included in Fedora Core 1, fixing a separate
issue which could also lead to a denial of service attack; CVE
CAN-2004-0081.

---------------------------------------------------------------------
This update can be downloaded from:
   
e8bdb97523942f9ffaa2266557522cb4  SRPMS/openssl-0.9.7a-33.10.src.rpm
e8b8fa33866d3bfb18a0bb363b7da157  i386/openssl-0.9.7a-33.10.i386.rpm
185ce2fa3dcc7eefd08755fbf32ba4b9  i386/openssl-devel-0.9.7a-33.10.i386.rpm
dffeec7a90d6d455d42f4150f8d87234  i386/openssl-perl-0.9.7a-33.10.i386.rpm
910b24732d051afceda9f9c725b26eaf  i386/debug/openssl-debuginfo-0.9.7a-33.10.i386.rpm
f2c1ee5973157103d6699fb8122a42cd  i386/openssl-0.9.7a-33.10.i686.rpm
aae58c51061b47c4886249787a6b0d12  i386/debug/openssl-debuginfo-0.9.7a-33.10.i686.rpm
ef901bfd90760a5a9bfe04964fc1edaf  x86_64/openssl-0.9.7a-33.10.x86_64.rpm
0efb65591070daa52274aeba71c27c25  x86_64/openssl-devel-0.9.7a-33.10.x86_64.rpm
6c37c57523dafe0125ea7cafd9d03bd1  x86_64/openssl-perl-0.9.7a-33.10.x86_64.rpm
e3fa109733cd72647c96cd02a2c92628  x86_64/debug/openssl-debuginfo-0.9.7a-33.10.x86_64.rpm

bfa1844b85a37b4985bc05078c34dc5a  SRPMS/openssl096-0.9.6-26.src.rpm
a138ec3378572805b3607f0e55eb081a  i386/openssl096-0.9.6-26.i386.rpm
810ef6df3fcc5762b3b69654f9f1e145  i386/debug/openssl096-debuginfo-0.9.6-26.i386.rpm
b54014864a487e940b0a433755e75893  x86_64/openssl096-0.9.6-26.x86_64.rpm
12c3ebe731dc15263ae8e980173c3f9f  x86_64/debug/openssl096-debuginfo-0.9.6-26.x86_64.rpm

216c598e2d8ded8f24f1c3b828051743  SRPMS/openssl096b-0.9.6b-18.src.rpm
5db375e1acdaf84a33ccab3f9f48b171  i386/openssl096b-0.9.6b-18.i386.rpm
b904fa03ff1b6ad06a488e3388b74a58  i386/debug/openssl096b-debuginfo-0.9.6b-18.i386.rpm
d2f6313c15f893b15230a82bc9ca5c5e  x86_64/openssl096b-0.9.6b-18.x86_64.rpm
25804bd47caad8bb6a6d74f46c36cf62  x86_64/debug/openssl096b-debuginfo-0.9.6b-18.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.

Fedora: OpenSSL Denial of service vulnerabilities

March 23, 2004
This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks.

Summary

The OpenSSL toolkit provides support for secure communications between

machines. OpenSSL includes a certificate management tool and shared

libraries which provide various cryptographic algorithms and

protocols.

Update Information:

This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE CAN-2004-0079 and CVE CAN-2003-0851.

Also included are updates for the OpenSSL 0.9.6 and 0.9.6b compatibility libraries included in Fedora Core 1, fixing a separate issue which could also lead to a denial of service attack; CVE CAN-2004-0081.

This update can be downloaded from:

e8bdb97523942f9ffaa2266557522cb4 SRPMS/openssl-0.9.7a-33.10.src.rpm e8b8fa33866d3bfb18a0bb363b7da157 i386/openssl-0.9.7a-33.10.i386.rpm 185ce2fa3dcc7eefd08755fbf32ba4b9 i386/openssl-devel-0.9.7a-33.10.i386.rpm dffeec7a90d6d455d42f4150f8d87234 i386/openssl-perl-0.9.7a-33.10.i386.rpm 910b24732d051afceda9f9c725b26eaf i386/debug/openssl-debuginfo-0.9.7a-33.10.i386.rpm f2c1ee5973157103d6699fb8122a42cd i386/openssl-0.9.7a-33.10.i686.rpm aae58c51061b47c4886249787a6b0d12 i386/debug/openssl-debuginfo-0.9.7a-33.10.i686.rpm ef901bfd90760a5a9bfe04964fc1edaf x86_64/openssl-0.9.7a-33....

Read the Full Advisory

Change Log

References

Fedora Update Notification FEDORA-2004-095 2004-03-19 Name : openssl Version : 0.9.7a Release : 33.10 Summary : The OpenSSL toolkit. Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

Update Instructions

Severity
Name : openssl
Version : 0.9.7a
Release : 33.10
Summary : The OpenSSL toolkit.

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved