[SECURITY] Fedora Core 5 Update: openssl-0.9.8a-5.3

Tomas Mraz tmraz at redhat.com
Tue Sep 5 16:51:30 UTC 2006 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-953
2006-09-05
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : openssl
Version     : 0.9.8a
Release     : 5.3
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

---------------------------------------------------------------------
Update Information:

This is a security update for CVE-2006-4339.
Avoid PKCS #1 v1.5 signature attack discovered by Daniel
Bleichenbacher [Ben Laurie; Google Security Team]

---------------------------------------------------------------------
* Sat Sep  9 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.3
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

23fc0828f9631717a9afb5dd5169981d1f8ee6af  SRPMS/openssl-0.9.8a-5.3.src.rpm
23fc0828f9631717a9afb5dd5169981d1f8ee6af  noarch/openssl-0.9.8a-5.3.src.rpm
fc9a7a087c4b285c64cd7960534b1d756ceaacc3  ppc/debug/openssl-debuginfo-0.9.8a-5.3.ppc.rpm
762c7f88f041611127226905766eb320245d5508  ppc/openssl-perl-0.9.8a-5.3.ppc.rpm
f8f22f82680f89185e962aaf7a0474f344b13db0  ppc/openssl-devel-0.9.8a-5.3.ppc.rpm
c8b7ee867375546055b599b2dd59b34b7cc26c39  ppc/openssl-0.9.8a-5.3.ppc.rpm
c89152a2ef501d980df2a31d2722f99c284544cb  x86_64/debug/openssl-debuginfo-0.9.8a-5.3.x86_64.rpm
0618ca2d41ab232a7372f215f521bbea91376bc8  x86_64/openssl-devel-0.9.8a-5.3.x86_64.rpm
a6b4502c79222ba29bae7cd46b400e66d3448063  x86_64/openssl-perl-0.9.8a-5.3.x86_64.rpm
aee664e73aeb1578e87c1223656b5e756f703d23  x86_64/openssl-0.9.8a-5.3.x86_64.rpm
54c86188135bbb140215a508ee5ea5759eff07dc  i386/openssl-0.9.8a-5.3.i386.rpm
4f88df0cdbd4067c11e6a7128720a8d00c6e85fc  i386/openssl-perl-0.9.8a-5.3.i386.rpm
fab1da1577c5e6585b58536c1d7fc78e35e6bc7f  i386/openssl-devel-0.9.8a-5.3.i386.rpm
790e98c10592777b471236e97e29ec3f7ce6f0d9  i386/debug/openssl-debuginfo-0.9.8a-5.3.i386.rpm
b10bc359680d4fda5f617fd3ee9b4de8a531f643  i386/debug/openssl-debuginfo-0.9.8a-5.3.i686.rpm
fcc78c6c6c5d1aa6c0f3aae6a1653258bae8a962  i386/openssl-0.9.8a-5.3.i686.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

More information about the package-announce mailing list