[SECURITY] Fedora Core 5 Update: openssl-0.9.8a-5.4

Tomas Mraz tmraz at redhat.com
Thu Sep 28 22:12:36 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1004
2006-09-28
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : openssl
Version     : 0.9.8a
Release     : 5.4
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

---------------------------------------------------------------------

* Thu Sep 28 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.4
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
* Sat Sep  9 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.3
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

84187ee4291178f54383466cc3e1efd295886767  SRPMS/openssl-0.9.8a-5.4.src.rpm
84187ee4291178f54383466cc3e1efd295886767  noarch/openssl-0.9.8a-5.4.src.rpm
81849f06f6364fe486a3037a7693e1060ebed0c3  ppc/openssl-devel-0.9.8a-5.4.ppc.rpm
c945e5cfd9c9acb120ef5b898eed6934f0a449af  ppc/debug/openssl-debuginfo-0.9.8a-5.4.ppc.rpm
e9226b4238bea6f72a7c9652425f9b32af6cd034  ppc/openssl-perl-0.9.8a-5.4.ppc.rpm
ab25f6a7328151aa30aac3d25952a40ec08acfe3  ppc/openssl-0.9.8a-5.4.ppc.rpm
972b20d28853da87db8c2a86abc9431984428c94  x86_64/openssl-0.9.8a-5.4.x86_64.rpm
63894b30c72bbf0ba139445e9d71ba363217015b  x86_64/openssl-devel-0.9.8a-5.4.x86_64.rpm
bc2f0fe44af37c294fab399a6a6fce563dc0e291  x86_64/openssl-perl-0.9.8a-5.4.x86_64.rpm
942d3dd91ec995d1dbefe21f1c84e39e5c7ee2d7  x86_64/debug/openssl-debuginfo-0.9.8a-5.4.x86_64.rpm
fe7d02458350fbfb11884afede1cb87be8e877f0  i386/openssl-0.9.8a-5.4.i386.rpm
b6b802a4d1b27aa3fc98f11ca33ae26cb638c015  i386/openssl-perl-0.9.8a-5.4.i386.rpm
9c7adb685f66f67c39e68440d371bceb013d03d4  i386/debug/openssl-debuginfo-0.9.8a-5.4.i386.rpm
115734b4e402bc023853934142a3c2d9994d3b50  i386/openssl-devel-0.9.8a-5.4.i386.rpm
e1a79eb50016d5baf07737d0dcc1ac10b8176526  i386/openssl-0.9.8a-5.4.i686.rpm
ae0d63e90925c092805d24c338c55abb7f9234c2  i386/debug/openssl-debuginfo-0.9.8a-5.4.i686.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the package-announce mailing list