-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-
------------------------------------------------------------
---------
Red Hat Security Advisory
Synopsis: Important: openssl security update
Advisory ID: RHSA-2006:0695-01
Advisory URL: htt
ps://rhn.redhat.com/errata/RHSA-2006-0695.html
Issue date: 2006-09-28
Updated on: 2006-09-28
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-2937 CVE-2006-2940 CVE-2006-3738
CVE-2006-4343
-
------------------------------------------------------------
---------
1. Summary:
Updated OpenSSL packages are now available to correct
several security issues.
This update has been rated as having important security
impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 -
i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc,
s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc,
s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
The OpenSSL toolkit provides support for secure
communications between
machines. OpenSSL includes a certificate management tool and
shared
libraries which provide various cryptographic algorithms and
protocols.
Tavis Ormandy and Will Drewry of the Google Security Team
discovered a
buffer overflow in the SSL_get_shared_ciphers() utility
function. An
attacker could send a list of ciphers to an application that
used this
function and overrun a buffer (CVE-2006-3738). Few
applications make use
of this vulnerable function and generally it is used only
when applications
are compiled for debugging.
Tavis Ormandy and Will Drewry of the Google Security Team
discovered a
flaw in the SSLv2 client code. When a client application
used OpenSSL to
create an SSLv2 connection to a malicious server, that
server could cause
the client to crash. (CVE-2006-4343)
Dr S. N. Henson of the OpenSSL core team and Open Network
Security recently
developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)
which uncovered
denial of service vulnerabilities:
* Certain public key types can take disproportionate amounts
of time to
process, leading to a denial of service. (CVE-2006-2940)
* During parsing of certain invalid ASN.1 structures an
error condition was
mishandled. This can result in an infinite loop which
consumed system
memory (CVE-2006-2937). This issue does not affect the
OpenSSL version
distributed in Red Hat Enterprise Linux 2.1.
These vulnerabilities can affect applications which use
OpenSSL to parse
ASN.1 data from untrusted sources, including SSL servers
which enable
client authentication and S/MIME applications.
Users are advised to upgrade to these updated packages,
which contain
backported patches to correct these issues.
Note: After installing this update, users are advised to
either restart all
services that use OpenSSL or restart their system.
4. Solution:
Before applying this update, make sure all previously
released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red
Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in
the appropriate
RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.co
m/):
206940 - CVE-2006-3738 OpenSSL issues (CVE-2006-4343)
207274 - CVE-2006-2940 OpenSSL Parasitic Public Keys
207276 - CVE-2006-2937 OpenSSL ASN1 DoS
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openss
l-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openss
l095a-0.9.5a-32.src.rpm
31991401d1065d4934f00a7cb0b35b30
openssl095a-0.9.5a-32.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openss
l096-0.9.6-32.src.rpm
f2854e9ff45b62b93e8f9cb1b59a05c1
openssl096-0.9.6-32.src.rpm
i386:
c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129
openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8
openssl-perl-0.9.6b-46.i386.rpm
a0212f46e2e06dc8557154fd444b8277
openssl095a-0.9.5a-32.i386.rpm
b64b17ba8f32468723a569d36642defc
openssl096-0.9.6-32.i386.rpm
ia64:
910ab86216c49bfd0091f10f77da729c openssl-0.9.6b-46.ia64.rpm
7f9f4c612988c83a7a42849eee5cd8cd
openssl-devel-0.9.6b-46.ia64.rpm
6741a6cad4ee2bd6971ec6c2ae4744af
openssl-perl-0.9.6b-46.ia64.rpm
23953bd1c31641930574c3e72256f026
openssl095a-0.9.5a-32.ia64.rpm
1a1277a9803202b82258d8e0194bd559
openssl096-0.9.6-32.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openss
l-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openss
l095a-0.9.5a-32.src.rpm
31991401d1065d4934f00a7cb0b35b30
openssl095a-0.9.5a-32.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openss
l096-0.9.6-32.src.rpm
f2854e9ff45b62b93e8f9cb1b59a05c1
openssl096-0.9.6-32.src.rpm
ia64:
910ab86216c49bfd0091f10f77da729c openssl-0.9.6b-46.ia64.rpm
7f9f4c612988c83a7a42849eee5cd8cd
openssl-devel-0.9.6b-46.ia64.rpm
6741a6cad4ee2bd6971ec6c2ae4744af
openssl-perl-0.9.6b-46.ia64.rpm
23953bd1c31641930574c3e72256f026
openssl095a-0.9.5a-32.ia64.rpm
1a1277a9803202b82258d8e0194bd559
openssl096-0.9.6-32.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/openss
l-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm
i386:
c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129
openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8
openssl-perl-0.9.6b-46.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/openss
l-0.9.6b-46.src.rpm
8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm
i386:
c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm
fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm
b2edb35842b91ed24dbee0a739993129
openssl-devel-0.9.6b-46.i386.rpm
b502425dd73fdc854d1bbe6f29f65bd8
openssl-perl-0.9.6b-46.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl-
0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e
openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl0
96b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d
openssl096b-0.9.6b-16.46.src.rpm
i386:
827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2
openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0
openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90
openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
ia64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9
openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9
openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436
openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669
openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174
openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm
ppc:
23dd92775b7dff6f9af187e70189a441
openssl-0.9.7a-33.21.ppc.rpm
fdd82d793ffa19d4b2cb24436715b6ef
openssl-0.9.7a-33.21.ppc64.rpm
646c09be6961463a5dd1c73c396addac
openssl-debuginfo-0.9.7a-33.21.ppc.rpm
c34b6862bc1ddca063e8983ed66cd9b3
openssl-debuginfo-0.9.7a-33.21.ppc64.rpm
cf07c421339a5cbc7b83b445dc83cbb3
openssl-devel-0.9.7a-33.21.ppc.rpm
4b64038e9b9e1a21125ed5fe96936f3a
openssl-perl-0.9.7a-33.21.ppc.rpm
251d55b641566819d7a622c3df7adae2
openssl096b-0.9.6b-16.46.ppc.rpm
2c25be65c057819ecfc49c2c8358839f
openssl096b-debuginfo-0.9.6b-16.46.ppc.rpm
s390:
4537fa728fbd6535bf9ebfc1dfae9db4
openssl-0.9.7a-33.21.s390.rpm
4ebd21d1b7be9ba245d3e0370f670c81
openssl-debuginfo-0.9.7a-33.21.s390.rpm
0ca48923672d80934b89dd4f23f19477
openssl-devel-0.9.7a-33.21.s390.rpm
586f5db21d131f1124b6c9a86a06392f
openssl-perl-0.9.7a-33.21.s390.rpm
ba87b58750856cc18d5de41573455ad6
openssl096b-0.9.6b-16.46.s390.rpm
3e9db2b43a0bb3e580fbfd02efbf15db
openssl096b-debuginfo-0.9.6b-16.46.s390.rpm
s390x:
4537fa728fbd6535bf9ebfc1dfae9db4
openssl-0.9.7a-33.21.s390.rpm
287730c6542c5f6f75f21175bc35663a
openssl-0.9.7a-33.21.s390x.rpm
4ebd21d1b7be9ba245d3e0370f670c81
openssl-debuginfo-0.9.7a-33.21.s390.rpm
2fbb8d077dc825d6db60336d372018fb
openssl-debuginfo-0.9.7a-33.21.s390x.rpm
03d78bb245573ca4dee34deeb38147de
openssl-devel-0.9.7a-33.21.s390x.rpm
3e74b96f4ede173e0c9ec76d39991759
openssl-perl-0.9.7a-33.21.s390x.rpm
ba87b58750856cc18d5de41573455ad6
openssl096b-0.9.6b-16.46.s390.rpm
3e9db2b43a0bb3e580fbfd02efbf15db
openssl096b-debuginfo-0.9.6b-16.46.s390.rpm
x86_64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb
openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea
openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f
openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7
openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828
openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340
openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ope
nssl-0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e
openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ope
nssl096b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d
openssl096b-0.9.6b-16.46.src.rpm
i386:
827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2
openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0
openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90
openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
x86_64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb
openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea
openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f
openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7
openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828
openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340
openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl-
0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e
openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl0
96b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d
openssl096b-0.9.6b-16.46.src.rpm
i386:
827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2
openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0
openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90
openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
ia64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9
openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9
openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436
openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669
openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174
openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm
x86_64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb
openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea
openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f
openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7
openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828
openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340
openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl-
0.9.7a-33.21.src.rpm
a973479e3a45ab875fbc961df839de8e
openssl-0.9.7a-33.21.src.rpm
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl0
96b-0.9.6b-16.46.src.rpm
13f3a51b79f3937206cc6a6a8aa6391d
openssl096b-0.9.6b-16.46.src.rpm
i386:
827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i386.rpm
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
e8548f583303a6f33616ab05230ec0f2
openssl-debuginfo-0.9.7a-33.21.i386.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
a87c753f7e6405ae8fa0aaebc68385c0
openssl-devel-0.9.7a-33.21.i386.rpm
31945ca92c89ac970ae6dfb771b62f90
openssl-perl-0.9.7a-33.21.i386.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
ia64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
5651e3de97f42cd855a931b6a80f2de9
openssl-0.9.7a-33.21.ia64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
19fa9f7790fcf99a3fd031a2ada6bbd9
openssl-debuginfo-0.9.7a-33.21.ia64.rpm
57708528d814ff3c8b258d4a80528436
openssl-devel-0.9.7a-33.21.ia64.rpm
7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl-perl-0.9.7a-33.21.ia64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
71fc44bb49b0d92913663c8cb876e669
openssl096b-0.9.6b-16.46.ia64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
22df5b0e3a9bdc8e733d37ec5ce7e174
openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm
x86_64:
0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.i686.rpm
828ad64a16daf904ee6f670d2ace71cb
openssl-0.9.7a-33.21.x86_64.rpm
fbe2ef66dcf1465978d4cb0c3271a850
openssl-debuginfo-0.9.7a-33.21.i686.rpm
1472d0f38a85d7f53eccf8140cbefeea
openssl-debuginfo-0.9.7a-33.21.x86_64.rpm
3af1217ec416c8960d4be2201592553f
openssl-devel-0.9.7a-33.21.x86_64.rpm
ebe87dda7ab2d3c45e955810b09961b7
openssl-perl-0.9.7a-33.21.x86_64.rpm
471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.i386.rpm
caea4604b3d35b9829093d2221ebd828
openssl096b-0.9.6b-16.46.x86_64.rpm
ef14285589ed68829f3c871fb46a8ab2
openssl096b-debuginfo-0.9.6b-16.46.i386.rpm
945552740fbe1c6b1dbca55c13b87340
openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm
Red Hat Enterprise Linux AS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl-
0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca
openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl0
96b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485
openssl096b-0.9.6b-22.46.src.rpm
i386:
064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f
openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2
openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3
openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129
openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e
openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176
openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4
openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad
openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472
openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm
ppc:
3cf9896ac1e976947a0a3112dc99a22c
openssl-0.9.7a-43.14.ppc.rpm
67279d21b053d35fe41ba527de3bd00a
openssl-0.9.7a-43.14.ppc64.rpm
e429b5da40d4754f3a1a3cfb308aada7
openssl-debuginfo-0.9.7a-43.14.ppc.rpm
498dc98df0ef7429e3f14281be63511c
openssl-debuginfo-0.9.7a-43.14.ppc64.rpm
339baf396db81a6d86eb73cdd5a10695
openssl-devel-0.9.7a-43.14.ppc.rpm
fdb5013a4955aea544c7117e0af9644c
openssl-perl-0.9.7a-43.14.ppc.rpm
a1efe172641a72e4511f378440e3c634
openssl096b-0.9.6b-22.46.ppc.rpm
33e8777bd1578e542fe003aff01ece81
openssl096b-debuginfo-0.9.6b-22.46.ppc.rpm
s390:
f19acccd901c289a66ca894f0830dcd0
openssl-0.9.7a-43.14.s390.rpm
7710ad84a6590b29435b22ed8c4d179a
openssl-debuginfo-0.9.7a-43.14.s390.rpm
79dbb4ef618a8aec8878f8ef5bf8cb47
openssl-devel-0.9.7a-43.14.s390.rpm
4b390d89960d1a19a25f42f5d7af77fa
openssl-perl-0.9.7a-43.14.s390.rpm
6ad760a809f7f821b62433a8c7afb13a
openssl096b-0.9.6b-22.46.s390.rpm
e46cc5bb3f7c9e45203135adca5a0469
openssl096b-debuginfo-0.9.6b-22.46.s390.rpm
s390x:
f19acccd901c289a66ca894f0830dcd0
openssl-0.9.7a-43.14.s390.rpm
f97c0a205796a8db148638282a582bbf
openssl-0.9.7a-43.14.s390x.rpm
7710ad84a6590b29435b22ed8c4d179a
openssl-debuginfo-0.9.7a-43.14.s390.rpm
56467884c4ba2e27fe5683374ae680a8
openssl-debuginfo-0.9.7a-43.14.s390x.rpm
0fdb4a82e29561809e89553b6006d981
openssl-devel-0.9.7a-43.14.s390x.rpm
04b452e3a8516723b12b41d3e047a07f
openssl-perl-0.9.7a-43.14.s390x.rpm
6ad760a809f7f821b62433a8c7afb13a
openssl096b-0.9.6b-22.46.s390.rpm
e46cc5bb3f7c9e45203135adca5a0469
openssl096b-debuginfo-0.9.6b-22.46.s390.rpm
x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21
openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729
openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa
openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3
openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad
openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53
openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ope
nssl-0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca
openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ope
nssl096b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485
openssl096b-0.9.6b-22.46.src.rpm
i386:
064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f
openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2
openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3
openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21
openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729
openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa
openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3
openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad
openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53
openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl-
0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca
openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl0
96b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485
openssl096b-0.9.6b-22.46.src.rpm
i386:
064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f
openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2
openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3
openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129
openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e
openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176
openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4
openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad
openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472
openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm
x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21
openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729
openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa
openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3
openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad
openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53
openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl-
0.9.7a-43.14.src.rpm
d833a111c7c142e838e21b46c2d3d3ca
openssl-0.9.7a-43.14.src.rpm
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl0
96b-0.9.6b-22.46.src.rpm
2294eea329ff59ad7e7b04331c46e485
openssl096b-0.9.6b-22.46.src.rpm
i386:
064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i386.rpm
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
0dac0adc8a723aa926cd932268bde04f
openssl-debuginfo-0.9.7a-43.14.i386.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
7591b0a079addeaed3ca622c61b170d2
openssl-devel-0.9.7a-43.14.i386.rpm
e4b978822f9e39a4b1095690f2de6ab3
openssl-perl-0.9.7a-43.14.i386.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
ia64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
73e0d1fb22c73ed95e47257a6da1b129
openssl-0.9.7a-43.14.ia64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
619771b33a1c3e6976889e68a185151e
openssl-debuginfo-0.9.7a-43.14.ia64.rpm
b0b3d7b2d3772a89f428c868a62da176
openssl-devel-0.9.7a-43.14.ia64.rpm
5dde996b5bac48158eb076686aeab2c4
openssl-perl-0.9.7a-43.14.ia64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
617658bda3b36c2b62810f8fad8bf5ad
openssl096b-0.9.6b-22.46.ia64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
d7c661fe81fa6f6399d56dbeae00d472
openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm
x86_64:
f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.i686.rpm
f0985b8088804e3bd7309b1ca2ca1d21
openssl-0.9.7a-43.14.x86_64.rpm
f01455b59465880a038ded678431226b
openssl-debuginfo-0.9.7a-43.14.i686.rpm
9183de3c43f771befacfaa209b0bc729
openssl-debuginfo-0.9.7a-43.14.x86_64.rpm
9a489c77daf969a867f3f18bee4bb6aa
openssl-devel-0.9.7a-43.14.x86_64.rpm
d16bd233156bf495de3854d2d915c5c3
openssl-perl-0.9.7a-43.14.x86_64.rpm
afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.i386.rpm
48478bec0a72ec719a31f60ddb376dad
openssl096b-0.9.6b-22.46.x86_64.rpm
d21be7a4dbf227fe8c96fe8c365f6b6e
openssl096b-debuginfo-0.9.6b-22.46.i386.rpm
1bb29a26566a95cb8b8c3652b9e74c53
openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our
key and
details on how to verify the signature are available from
htt
ps://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
6-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
6-2940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
6-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
6-4343
http:
//www.openssl.org/news/secadv_20060928.txt
http://www.redhat.com/security/updates/classific
ation/#important
8. Contact:
The Red Hat security contact is <secalert redhat.com>. More contact
details at https:/
/www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD4DBQFFHGhiXlSAg2UNWIIRAu2nAJYmwwtHpc8OC4IXFDMeFwIFJztXAKCg
qcYG
qrzF4JgziN2vb1RzGtlVrA==
=3avm
-----END PGP SIGNATURE-----
--
Enterprise-watch-list mailing list
Enterprise-watch-listredhat.com
https://www.redhat.com/mailman/listinfo/enterprise-
watch-list
|