Slackware Security Advisory - openssl Updates

Slackware Security Advisory - openssl Updates: Posted Feb 13, 2017; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2016-7055, CVE-2017-3731, CVE-2017-3732; SHA-256 | 4b83eb4778dd1ad58130c6ca504a220795ceb3f5f3ead2b30a42ef3dbbb5de0b; Download | Favorite | View

Slackware Security Advisory - openssl Updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  openssl (SSA:2017-041-02)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.2k-i586-1_slack14.2.txz:  Upgraded.
  This update fixes security issues:
  Truncated packet could crash via OOB read (CVE-2017-3731)
  BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
  Montgomery multiplication may produce incorrect results (CVE-2016-7055)
  For more information, see:
    https://www.openssl.org/news/secadv/20170126.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
  (* Security fix *)
patches/packages/openssl-solibs-1.0.2k-i586-1_slack14.2.txz:  Upgraded.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2k-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2k-i586-1_slack14.2.txz

Updated packages for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2k-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2k-x86_64-1_slack14.2.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2k-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2k-i586-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2k-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2k-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.2 packages:
1d03d7f59dece41b97104cbe8341b812  openssl-1.0.2k-i586-1_slack14.2.txz
c5e689d9ac1c1675c5059b8e7cd42594  openssl-solibs-1.0.2k-i586-1_slack14.2.txz

Slackware x86_64 14.2 packages:
5e075d516ab7ccc1ef14f430e599bdef  openssl-1.0.2k-x86_64-1_slack14.2.txz
110479b47a4208bcdb43fee59b9f06ca  openssl-solibs-1.0.2k-x86_64-1_slack14.2.txz

Slackware -current packages:
8eca7a113cf58688dc6203c4091fd0ac  a/openssl-solibs-1.0.2k-i586-1.txz
1ee03441f6409e48dda42c006ae5a7ad  n/openssl-1.0.2k-i586-1.txz

Slackware x86_64 -current packages:
51ed87062d6898bd50705b2c2abc2c68  a/openssl-solibs-1.0.2k-x86_64-1.txz
d9e56ff59fd7aa5791bf6809ccea0f92  n/openssl-1.0.2k-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg openssl-1.0.2k-i586-1_slack14.2.txz openssl-solibs-1.0.2k-i586-1_slack14.2.txz 


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlieJSgACgkQakRjwEAQIjOZnQCdFixA55rVMry3YYq5M9aVn+9m
R20AoIQghw2D9hE5HfYusUqckQFk9yiQ
=e+MP
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 157 files
Jay Turla 150 files
Ubuntu 68 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

Slackware Security Advisory - openssl Updates

Slackware Security Advisory - openssl Updates

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Slackware Security Advisory - openssl Updates

Share This

Slackware Security Advisory - openssl Updates

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems