[SECURITY] Fedora Core 5 Update: openssl097a-0.9.7a-4.2.2

Tomas Mraz tmraz at redhat.com
Tue Sep 5 16:51:38 UTC 2006 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-953
2006-09-05
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : openssl097a
Version     : 0.9.7a
Release     : 4.2.2
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

---------------------------------------------------------------------
Update Information:

This is a security update for CVE-2006-4339.
Avoid PKCS #1 v1.5 signature attack discovered by Daniel
Bleichenbacher [Ben Laurie; Google Security Team]


---------------------------------------------------------------------
* Sat Sep  9 2006 Tomas Mraz <tmraz at redhat.com> 0.9.7a-43.11
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

1663e28f1c7d567b84525d85a68bc93cc5ace9ca  SRPMS/openssl097a-0.9.7a-4.2.2.src.rpm
1663e28f1c7d567b84525d85a68bc93cc5ace9ca  noarch/openssl097a-0.9.7a-4.2.2.src.rpm
c388a85a77481561043c919add17791d3359eeb7  ppc/openssl097a-0.9.7a-4.2.2.ppc.rpm
c992086045e90fd0253e044a2c0ca50cdcb06cfe  ppc/debug/openssl097a-debuginfo-0.9.7a-4.2.2.ppc.rpm
baa3706104663b3a58ce62e0427a1f6d17398e5f  x86_64/debug/openssl097a-debuginfo-0.9.7a-4.2.2.x86_64.rpm
05fe5c423fc2b73bcfd75f79cf9b5d491dea9478  x86_64/openssl097a-0.9.7a-4.2.2.x86_64.rpm
f28650aec78f4871db5d31ba9f36953d27dcfac2  i386/openssl097a-0.9.7a-4.2.2.i386.rpm
932e365bf0735fb50fd4833b3c15bd1e7b74db7c  i386/debug/openssl097a-debuginfo-0.9.7a-4.2.2.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

More information about the package-announce mailing list