Login
Newsletter
Werbung
Sicherheit: Mangelnde Prüfung von Zertifikaten in openssl
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Zertifikaten in openssl
ID: TLSA-2006-29
Distribution: TurboLinux
Plattformen: Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 8 Server, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition
Datum: Di, 26. September 2006, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
Applikationen: OpenSSL

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-29
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 25 Sep 2006
 Last revised: 25 Sep 2006

 Package: openssl

 Summary: Multiple RSA implementations fail

 More information:
    The OpenSSL Project is a collaborative effort to develop a robust,
    commercial-grade, full-featured Open Source toolkit implementing the
    Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
    protocols as well as a full-strength general purpose cryptography library.

    Multiple RSA implementations fail to properly handle RSA signatures.

 Impact:
    This vulnerability may allow an attacker to forge RSA signatures.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server
    - Turbolinux 7 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   openssl-0.9.7d-8.src.rpm
      2894646 11123268b7bf28d0267beb093c4622a0
   openssl-compat-0.9.6m-9.src.rpm
      2274196 e5df0088529c7e785b8e32e18bd43d3a

   Binary Packages
   Size: MD5

   openssl-0.9.7d-8.i586.rpm
      1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4
   openssl-compat-0.9.6m-9.i586.rpm
       755984 d86bc1be35ec566c4667e489c3480a58
   openssl-devel-0.9.7d-8.i586.rpm
      1481081 8a44952185f35bc408bb8176c0efba32

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   openssl-0.9.8-7.src.rpm
      3344248 e8c8039409b9b3853420d9e8e8970ad8
   openssl-compat-0.9.7d-8.src.rpm
      2894595 44dcb312de9c81c7dd076ded48513124
   openssl096-0.9.6m-2.src.rpm
      2274791 ccadbcc487b1e1e3f1e0c306b6467b8a

   Binary Packages
   Size: MD5

   openssl-0.9.8-7.i686.rpm
      1738385 1ff4c80d9ab1cb3fbf690d409065409d
   openssl-compat-0.9.7d-8.i686.rpm
      1056442 2f6453479436ec349863c73e261b43f3
   openssl-devel-0.9.8-7.i686.rpm
      1924275 5e5033a8f064b81396b5b95a1deae1fe
   openssl096-0.9.6m-2.i686.rpm
       881205 ea34856977c7aac8e72e665d6fe1991d

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   openssl-0.9.7d-8.src.rpm
      2894646 9977e9026a24df1d7dab08995d0e4ab9
   openssl-compat-0.9.6m-9.src.rpm
      2274196 3b059d176d044a21daa33649d64b2faa

   Binary Packages
   Size: MD5

   openssl-0.9.7d-8.x86_64.rpm
      1410739 2599c207d81e0820581cc13f4f449543
   openssl-compat-0.9.6m-9.x86_64.rpm
       850020 8960bebf8a95ad5f12ca4add2d851c72
   openssl-devel-0.9.7d-8.x86_64.rpm
      1546788 5b85cb78c3a5d3219bda53d5d8b6fd99

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 e13928ca96553bf0ec1b6bc1e919ae3d

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1445180 619f2009b189e01954d97b0ab1450b4c
   openssl-devel-0.9.6m-6.i586.rpm
      1159098 50467d8488a84cc576730bb6c627ee85

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 aa0ad99a5de2b21fdc21281d0eff6c2a

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1445379 ed3cd7b0c4dda4514dfaf9f6d16b0347
   openssl-devel-0.9.6m-6.i586.rpm
      1158782 fdfd39d96734d73449d66e007af7607e

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   openssl-0.9.7d-8.src.rpm
      2894646 11123268b7bf28d0267beb093c4622a0
   openssl-compat-0.9.6m-9.src.rpm
      2274196 e5df0088529c7e785b8e32e18bd43d3a

   Binary Packages
   Size: MD5

   openssl-0.9.7d-8.i586.rpm
      1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4
   openssl-compat-0.9.6m-9.i586.rpm
       755984 d86bc1be35ec566c4667e489c3480a58
   openssl-devel-0.9.7d-8.i586.rpm
      1481081 8a44952185f35bc408bb8176c0efba32

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
 Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   openssl-0.9.7d-8.src.rpm
      2894646 bf78baf4dee5b9a5d232b0b3ccd57941
   openssl-compat-0.9.6m-9.src.rpm
      2274196 10694fc13657f481fec2ce099b514ce6

   Binary Packages
   Size: MD5

   openssl-0.9.7d-8.i586.rpm
      1303637 e383f61f085d1b81b9b3691cf9aa499b
   openssl-compat-0.9.6m-9.i586.rpm
       755256 3cf38a9800394c4d153a59ded67c2c63
   openssl-devel-0.9.7d-8.i586.rpm
      1482484 2862f7f47b8b206217e849f5b946ebd6

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 459499a18120e7c4a9cf51c6c78dac20

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1445757 ce5da0ddb59dc595de18dad28913051c
   openssl-devel-0.9.6m-6.i586.rpm
      1158634 10f274c39c9d777a5d3df09b6eb0bca2

 <Turbolinux 7 Server>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 186038bfea197edc748ccc802d020799

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1413429 8da5eefc42d19ce95490526c9e4c4a05
   openssl-devel-0.9.6m-6.i586.rpm
      1140635 8913133f83d220904965e9de98f0a73f


 CVE
   [CVE-2006-4339]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339

 --------------------------------------------------------------------------
 Revision History
    25 Sep 2006 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFFF9oiK0LzjOqIJMwRAnbtAJ9u4lwUjH4bG1pkQaSq8kSHK/WwaACfVpD6
Za+0ojUvBbPQN/gs3umZL1c=
=3uvk
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung