Mehrere Probleme in openssl
ID: | RHSA-2006:0695-01 |
Distribution: | Red Hat |
Plattformen: | Red Hat Enterprise Linux |
Datum: | Fr, 29. September 2006, 02:30 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://www.openssl.org/news/secadv_20060928.txt |
Applikationen: | OpenSSL |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: openssl security update Advisory ID: RHSA-2006:0695-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0695.html Issue date: 2006-09-28 Updated on: 2006-09-28 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4343 - --------------------------------------------------------------------- 1. Summary: Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities: * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 206940 - CVE-2006-3738 OpenSSL issues (CVE-2006-4343) 207274 - CVE-2006-2940 OpenSSL Parasitic Public Keys 207276 - CVE-2006-2937 OpenSSL ASN1 DoS 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl-0.9.6b-46.src.rpm 8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl095a-0.9.5a-32.src.rpm 31991401d1065d4934f00a7cb0b35b30 openssl095a-0.9.5a-32.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl096-0.9.6-32.src.rpm f2854e9ff45b62b93e8f9cb1b59a05c1 openssl096-0.9.6-32.src.rpm i386: c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm b2edb35842b91ed24dbee0a739993129 openssl-devel-0.9.6b-46.i386.rpm b502425dd73fdc854d1bbe6f29f65bd8 openssl-perl-0.9.6b-46.i386.rpm a0212f46e2e06dc8557154fd444b8277 openssl095a-0.9.5a-32.i386.rpm b64b17ba8f32468723a569d36642defc openssl096-0.9.6-32.i386.rpm ia64: 910ab86216c49bfd0091f10f77da729c openssl-0.9.6b-46.ia64.rpm 7f9f4c612988c83a7a42849eee5cd8cd openssl-devel-0.9.6b-46.ia64.rpm 6741a6cad4ee2bd6971ec6c2ae4744af openssl-perl-0.9.6b-46.ia64.rpm 23953bd1c31641930574c3e72256f026 openssl095a-0.9.5a-32.ia64.rpm 1a1277a9803202b82258d8e0194bd559 openssl096-0.9.6-32.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl-0.9.6b-46.src.rpm 8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl095a-0.9.5a-32.src.rpm 31991401d1065d4934f00a7cb0b35b30 openssl095a-0.9.5a-32.src.rpm ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl096-0.9.6-32.src.rpm f2854e9ff45b62b93e8f9cb1b59a05c1 openssl096-0.9.6-32.src.rpm ia64: 910ab86216c49bfd0091f10f77da729c openssl-0.9.6b-46.ia64.rpm 7f9f4c612988c83a7a42849eee5cd8cd openssl-devel-0.9.6b-46.ia64.rpm 6741a6cad4ee2bd6971ec6c2ae4744af openssl-perl-0.9.6b-46.ia64.rpm 23953bd1c31641930574c3e72256f026 openssl095a-0.9.5a-32.ia64.rpm 1a1277a9803202b82258d8e0194bd559 openssl096-0.9.6-32.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/openssl-0.9.6b-46.src.rpm 8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm i386: c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm b2edb35842b91ed24dbee0a739993129 openssl-devel-0.9.6b-46.i386.rpm b502425dd73fdc854d1bbe6f29f65bd8 openssl-perl-0.9.6b-46.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/openssl-0.9.6b-46.src.rpm 8dec955be0bcdb6aae9bc0fc6c832eca openssl-0.9.6b-46.src.rpm i386: c28b3f1b264ab2ea1986cf2c0f211437 openssl-0.9.6b-46.i386.rpm fca94acfb677dc9155716d7a779f7ede openssl-0.9.6b-46.i686.rpm b2edb35842b91ed24dbee0a739993129 openssl-devel-0.9.6b-46.i386.rpm b502425dd73fdc854d1bbe6f29f65bd8 openssl-perl-0.9.6b-46.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm a973479e3a45ab875fbc961df839de8e openssl-0.9.7a-33.21.src.rpm ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm 13f3a51b79f3937206cc6a6a8aa6391d openssl096b-0.9.6b-16.46.src.rpm i386: 827852982785bfa3d5df09de6ff75091 openssl-0.9.7a-33.21.i386.rpm 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm e8548f583303a6f33616ab05230ec0f2 openssl-debuginfo-0.9.7a-33.21.i386.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm a87c753f7e6405ae8fa0aaebc68385c0 openssl-devel-0.9.7a-33.21.i386.rpm 31945ca92c89ac970ae6dfb771b62f90 openssl-perl-0.9.7a-33.21.i386.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm ia64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 5651e3de97f42cd855a931b6a80f2de9 openssl-0.9.7a-33.21.ia64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 19fa9f7790fcf99a3fd031a2ada6bbd9 openssl-debuginfo-0.9.7a-33.21.ia64.rpm 57708528d814ff3c8b258d4a80528436 openssl-devel-0.9.7a-33.21.ia64.rpm 7d5ed68eb555dc1bcbc4fbabcc5b73ad openssl-perl-0.9.7a-33.21.ia64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm 71fc44bb49b0d92913663c8cb876e669 openssl096b-0.9.6b-16.46.ia64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 22df5b0e3a9bdc8e733d37ec5ce7e174 openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm ppc: 23dd92775b7dff6f9af187e70189a441 openssl-0.9.7a-33.21.ppc.rpm fdd82d793ffa19d4b2cb24436715b6ef openssl-0.9.7a-33.21.ppc64.rpm 646c09be6961463a5dd1c73c396addac openssl-debuginfo-0.9.7a-33.21.ppc.rpm c34b6862bc1ddca063e8983ed66cd9b3 openssl-debuginfo-0.9.7a-33.21.ppc64.rpm cf07c421339a5cbc7b83b445dc83cbb3 openssl-devel-0.9.7a-33.21.ppc.rpm 4b64038e9b9e1a21125ed5fe96936f3a openssl-perl-0.9.7a-33.21.ppc.rpm 251d55b641566819d7a622c3df7adae2 openssl096b-0.9.6b-16.46.ppc.rpm 2c25be65c057819ecfc49c2c8358839f openssl096b-debuginfo-0.9.6b-16.46.ppc.rpm s390: 4537fa728fbd6535bf9ebfc1dfae9db4 openssl-0.9.7a-33.21.s390.rpm 4ebd21d1b7be9ba245d3e0370f670c81 openssl-debuginfo-0.9.7a-33.21.s390.rpm 0ca48923672d80934b89dd4f23f19477 openssl-devel-0.9.7a-33.21.s390.rpm 586f5db21d131f1124b6c9a86a06392f openssl-perl-0.9.7a-33.21.s390.rpm ba87b58750856cc18d5de41573455ad6 openssl096b-0.9.6b-16.46.s390.rpm 3e9db2b43a0bb3e580fbfd02efbf15db openssl096b-debuginfo-0.9.6b-16.46.s390.rpm s390x: 4537fa728fbd6535bf9ebfc1dfae9db4 openssl-0.9.7a-33.21.s390.rpm 287730c6542c5f6f75f21175bc35663a openssl-0.9.7a-33.21.s390x.rpm 4ebd21d1b7be9ba245d3e0370f670c81 openssl-debuginfo-0.9.7a-33.21.s390.rpm 2fbb8d077dc825d6db60336d372018fb openssl-debuginfo-0.9.7a-33.21.s390x.rpm 03d78bb245573ca4dee34deeb38147de openssl-devel-0.9.7a-33.21.s390x.rpm 3e74b96f4ede173e0c9ec76d39991759 openssl-perl-0.9.7a-33.21.s390x.rpm ba87b58750856cc18d5de41573455ad6 openssl096b-0.9.6b-16.46.s390.rpm 3e9db2b43a0bb3e580fbfd02efbf15db openssl096b-debuginfo-0.9.6b-16.46.s390.rpm x86_64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 828ad64a16daf904ee6f670d2ace71cb openssl-0.9.7a-33.21.x86_64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 1472d0f38a85d7f53eccf8140cbefeea openssl-debuginfo-0.9.7a-33.21.x86_64.rpm 3af1217ec416c8960d4be2201592553f openssl-devel-0.9.7a-33.21.x86_64.rpm ebe87dda7ab2d3c45e955810b09961b7 openssl-perl-0.9.7a-33.21.x86_64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm caea4604b3d35b9829093d2221ebd828 openssl096b-0.9.6b-16.46.x86_64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 945552740fbe1c6b1dbca55c13b87340 openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm a973479e3a45ab875fbc961df839de8e openssl-0.9.7a-33.21.src.rpm ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm 13f3a51b79f3937206cc6a6a8aa6391d openssl096b-0.9.6b-16.46.src.rpm i386: 827852982785bfa3d5df09de6ff75091 openssl-0.9.7a-33.21.i386.rpm 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm e8548f583303a6f33616ab05230ec0f2 openssl-debuginfo-0.9.7a-33.21.i386.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm a87c753f7e6405ae8fa0aaebc68385c0 openssl-devel-0.9.7a-33.21.i386.rpm 31945ca92c89ac970ae6dfb771b62f90 openssl-perl-0.9.7a-33.21.i386.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm x86_64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 828ad64a16daf904ee6f670d2ace71cb openssl-0.9.7a-33.21.x86_64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 1472d0f38a85d7f53eccf8140cbefeea openssl-debuginfo-0.9.7a-33.21.x86_64.rpm 3af1217ec416c8960d4be2201592553f openssl-devel-0.9.7a-33.21.x86_64.rpm ebe87dda7ab2d3c45e955810b09961b7 openssl-perl-0.9.7a-33.21.x86_64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm caea4604b3d35b9829093d2221ebd828 openssl096b-0.9.6b-16.46.x86_64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 945552740fbe1c6b1dbca55c13b87340 openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm a973479e3a45ab875fbc961df839de8e openssl-0.9.7a-33.21.src.rpm ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm 13f3a51b79f3937206cc6a6a8aa6391d openssl096b-0.9.6b-16.46.src.rpm i386: 827852982785bfa3d5df09de6ff75091 openssl-0.9.7a-33.21.i386.rpm 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm e8548f583303a6f33616ab05230ec0f2 openssl-debuginfo-0.9.7a-33.21.i386.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm a87c753f7e6405ae8fa0aaebc68385c0 openssl-devel-0.9.7a-33.21.i386.rpm 31945ca92c89ac970ae6dfb771b62f90 openssl-perl-0.9.7a-33.21.i386.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm ia64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 5651e3de97f42cd855a931b6a80f2de9 openssl-0.9.7a-33.21.ia64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 19fa9f7790fcf99a3fd031a2ada6bbd9 openssl-debuginfo-0.9.7a-33.21.ia64.rpm 57708528d814ff3c8b258d4a80528436 openssl-devel-0.9.7a-33.21.ia64.rpm 7d5ed68eb555dc1bcbc4fbabcc5b73ad openssl-perl-0.9.7a-33.21.ia64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm 71fc44bb49b0d92913663c8cb876e669 openssl096b-0.9.6b-16.46.ia64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 22df5b0e3a9bdc8e733d37ec5ce7e174 openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm x86_64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 828ad64a16daf904ee6f670d2ace71cb openssl-0.9.7a-33.21.x86_64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 1472d0f38a85d7f53eccf8140cbefeea openssl-debuginfo-0.9.7a-33.21.x86_64.rpm 3af1217ec416c8960d4be2201592553f openssl-devel-0.9.7a-33.21.x86_64.rpm ebe87dda7ab2d3c45e955810b09961b7 openssl-perl-0.9.7a-33.21.x86_64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm caea4604b3d35b9829093d2221ebd828 openssl096b-0.9.6b-16.46.x86_64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 945552740fbe1c6b1dbca55c13b87340 openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl-0.9.7a-33.21.src.rpm a973479e3a45ab875fbc961df839de8e openssl-0.9.7a-33.21.src.rpm ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl096b-0.9.6b-16.46.src.rpm 13f3a51b79f3937206cc6a6a8aa6391d openssl096b-0.9.6b-16.46.src.rpm i386: 827852982785bfa3d5df09de6ff75091 openssl-0.9.7a-33.21.i386.rpm 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm e8548f583303a6f33616ab05230ec0f2 openssl-debuginfo-0.9.7a-33.21.i386.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm a87c753f7e6405ae8fa0aaebc68385c0 openssl-devel-0.9.7a-33.21.i386.rpm 31945ca92c89ac970ae6dfb771b62f90 openssl-perl-0.9.7a-33.21.i386.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm ia64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 5651e3de97f42cd855a931b6a80f2de9 openssl-0.9.7a-33.21.ia64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 19fa9f7790fcf99a3fd031a2ada6bbd9 openssl-debuginfo-0.9.7a-33.21.ia64.rpm 57708528d814ff3c8b258d4a80528436 openssl-devel-0.9.7a-33.21.ia64.rpm 7d5ed68eb555dc1bcbc4fbabcc5b73ad openssl-perl-0.9.7a-33.21.ia64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm 71fc44bb49b0d92913663c8cb876e669 openssl096b-0.9.6b-16.46.ia64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 22df5b0e3a9bdc8e733d37ec5ce7e174 openssl096b-debuginfo-0.9.6b-16.46.ia64.rpm x86_64: 0ddbef7542c03a39e5b783befa49faf9 openssl-0.9.7a-33.21.i686.rpm 828ad64a16daf904ee6f670d2ace71cb openssl-0.9.7a-33.21.x86_64.rpm fbe2ef66dcf1465978d4cb0c3271a850 openssl-debuginfo-0.9.7a-33.21.i686.rpm 1472d0f38a85d7f53eccf8140cbefeea openssl-debuginfo-0.9.7a-33.21.x86_64.rpm 3af1217ec416c8960d4be2201592553f openssl-devel-0.9.7a-33.21.x86_64.rpm ebe87dda7ab2d3c45e955810b09961b7 openssl-perl-0.9.7a-33.21.x86_64.rpm 471caa16df4173c4e25942bced25dcac openssl096b-0.9.6b-16.46.i386.rpm caea4604b3d35b9829093d2221ebd828 openssl096b-0.9.6b-16.46.x86_64.rpm ef14285589ed68829f3c871fb46a8ab2 openssl096b-debuginfo-0.9.6b-16.46.i386.rpm 945552740fbe1c6b1dbca55c13b87340 openssl096b-debuginfo-0.9.6b-16.46.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm d833a111c7c142e838e21b46c2d3d3ca openssl-0.9.7a-43.14.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm 2294eea329ff59ad7e7b04331c46e485 openssl096b-0.9.6b-22.46.src.rpm i386: 064f523a3b6f886949031d85902a74e0 openssl-0.9.7a-43.14.i386.rpm f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 0dac0adc8a723aa926cd932268bde04f openssl-debuginfo-0.9.7a-43.14.i386.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 7591b0a079addeaed3ca622c61b170d2 openssl-devel-0.9.7a-43.14.i386.rpm e4b978822f9e39a4b1095690f2de6ab3 openssl-perl-0.9.7a-43.14.i386.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm ia64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 73e0d1fb22c73ed95e47257a6da1b129 openssl-0.9.7a-43.14.ia64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 619771b33a1c3e6976889e68a185151e openssl-debuginfo-0.9.7a-43.14.ia64.rpm b0b3d7b2d3772a89f428c868a62da176 openssl-devel-0.9.7a-43.14.ia64.rpm 5dde996b5bac48158eb076686aeab2c4 openssl-perl-0.9.7a-43.14.ia64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 617658bda3b36c2b62810f8fad8bf5ad openssl096b-0.9.6b-22.46.ia64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm d7c661fe81fa6f6399d56dbeae00d472 openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm ppc: 3cf9896ac1e976947a0a3112dc99a22c openssl-0.9.7a-43.14.ppc.rpm 67279d21b053d35fe41ba527de3bd00a openssl-0.9.7a-43.14.ppc64.rpm e429b5da40d4754f3a1a3cfb308aada7 openssl-debuginfo-0.9.7a-43.14.ppc.rpm 498dc98df0ef7429e3f14281be63511c openssl-debuginfo-0.9.7a-43.14.ppc64.rpm 339baf396db81a6d86eb73cdd5a10695 openssl-devel-0.9.7a-43.14.ppc.rpm fdb5013a4955aea544c7117e0af9644c openssl-perl-0.9.7a-43.14.ppc.rpm a1efe172641a72e4511f378440e3c634 openssl096b-0.9.6b-22.46.ppc.rpm 33e8777bd1578e542fe003aff01ece81 openssl096b-debuginfo-0.9.6b-22.46.ppc.rpm s390: f19acccd901c289a66ca894f0830dcd0 openssl-0.9.7a-43.14.s390.rpm 7710ad84a6590b29435b22ed8c4d179a openssl-debuginfo-0.9.7a-43.14.s390.rpm 79dbb4ef618a8aec8878f8ef5bf8cb47 openssl-devel-0.9.7a-43.14.s390.rpm 4b390d89960d1a19a25f42f5d7af77fa openssl-perl-0.9.7a-43.14.s390.rpm 6ad760a809f7f821b62433a8c7afb13a openssl096b-0.9.6b-22.46.s390.rpm e46cc5bb3f7c9e45203135adca5a0469 openssl096b-debuginfo-0.9.6b-22.46.s390.rpm s390x: f19acccd901c289a66ca894f0830dcd0 openssl-0.9.7a-43.14.s390.rpm f97c0a205796a8db148638282a582bbf openssl-0.9.7a-43.14.s390x.rpm 7710ad84a6590b29435b22ed8c4d179a openssl-debuginfo-0.9.7a-43.14.s390.rpm 56467884c4ba2e27fe5683374ae680a8 openssl-debuginfo-0.9.7a-43.14.s390x.rpm 0fdb4a82e29561809e89553b6006d981 openssl-devel-0.9.7a-43.14.s390x.rpm 04b452e3a8516723b12b41d3e047a07f openssl-perl-0.9.7a-43.14.s390x.rpm 6ad760a809f7f821b62433a8c7afb13a openssl096b-0.9.6b-22.46.s390.rpm e46cc5bb3f7c9e45203135adca5a0469 openssl096b-debuginfo-0.9.6b-22.46.s390.rpm x86_64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm f0985b8088804e3bd7309b1ca2ca1d21 openssl-0.9.7a-43.14.x86_64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 9183de3c43f771befacfaa209b0bc729 openssl-debuginfo-0.9.7a-43.14.x86_64.rpm 9a489c77daf969a867f3f18bee4bb6aa openssl-devel-0.9.7a-43.14.x86_64.rpm d16bd233156bf495de3854d2d915c5c3 openssl-perl-0.9.7a-43.14.x86_64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 48478bec0a72ec719a31f60ddb376dad openssl096b-0.9.6b-22.46.x86_64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm 1bb29a26566a95cb8b8c3652b9e74c53 openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm d833a111c7c142e838e21b46c2d3d3ca openssl-0.9.7a-43.14.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm 2294eea329ff59ad7e7b04331c46e485 openssl096b-0.9.6b-22.46.src.rpm i386: 064f523a3b6f886949031d85902a74e0 openssl-0.9.7a-43.14.i386.rpm f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 0dac0adc8a723aa926cd932268bde04f openssl-debuginfo-0.9.7a-43.14.i386.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 7591b0a079addeaed3ca622c61b170d2 openssl-devel-0.9.7a-43.14.i386.rpm e4b978822f9e39a4b1095690f2de6ab3 openssl-perl-0.9.7a-43.14.i386.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm x86_64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm f0985b8088804e3bd7309b1ca2ca1d21 openssl-0.9.7a-43.14.x86_64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 9183de3c43f771befacfaa209b0bc729 openssl-debuginfo-0.9.7a-43.14.x86_64.rpm 9a489c77daf969a867f3f18bee4bb6aa openssl-devel-0.9.7a-43.14.x86_64.rpm d16bd233156bf495de3854d2d915c5c3 openssl-perl-0.9.7a-43.14.x86_64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 48478bec0a72ec719a31f60ddb376dad openssl096b-0.9.6b-22.46.x86_64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm 1bb29a26566a95cb8b8c3652b9e74c53 openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm d833a111c7c142e838e21b46c2d3d3ca openssl-0.9.7a-43.14.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm 2294eea329ff59ad7e7b04331c46e485 openssl096b-0.9.6b-22.46.src.rpm i386: 064f523a3b6f886949031d85902a74e0 openssl-0.9.7a-43.14.i386.rpm f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 0dac0adc8a723aa926cd932268bde04f openssl-debuginfo-0.9.7a-43.14.i386.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 7591b0a079addeaed3ca622c61b170d2 openssl-devel-0.9.7a-43.14.i386.rpm e4b978822f9e39a4b1095690f2de6ab3 openssl-perl-0.9.7a-43.14.i386.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm ia64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 73e0d1fb22c73ed95e47257a6da1b129 openssl-0.9.7a-43.14.ia64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 619771b33a1c3e6976889e68a185151e openssl-debuginfo-0.9.7a-43.14.ia64.rpm b0b3d7b2d3772a89f428c868a62da176 openssl-devel-0.9.7a-43.14.ia64.rpm 5dde996b5bac48158eb076686aeab2c4 openssl-perl-0.9.7a-43.14.ia64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 617658bda3b36c2b62810f8fad8bf5ad openssl096b-0.9.6b-22.46.ia64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm d7c661fe81fa6f6399d56dbeae00d472 openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm x86_64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm f0985b8088804e3bd7309b1ca2ca1d21 openssl-0.9.7a-43.14.x86_64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 9183de3c43f771befacfaa209b0bc729 openssl-debuginfo-0.9.7a-43.14.x86_64.rpm 9a489c77daf969a867f3f18bee4bb6aa openssl-devel-0.9.7a-43.14.x86_64.rpm d16bd233156bf495de3854d2d915c5c3 openssl-perl-0.9.7a-43.14.x86_64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 48478bec0a72ec719a31f60ddb376dad openssl096b-0.9.6b-22.46.x86_64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm 1bb29a26566a95cb8b8c3652b9e74c53 openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl-0.9.7a-43.14.src.rpm d833a111c7c142e838e21b46c2d3d3ca openssl-0.9.7a-43.14.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl096b-0.9.6b-22.46.src.rpm 2294eea329ff59ad7e7b04331c46e485 openssl096b-0.9.6b-22.46.src.rpm i386: 064f523a3b6f886949031d85902a74e0 openssl-0.9.7a-43.14.i386.rpm f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 0dac0adc8a723aa926cd932268bde04f openssl-debuginfo-0.9.7a-43.14.i386.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 7591b0a079addeaed3ca622c61b170d2 openssl-devel-0.9.7a-43.14.i386.rpm e4b978822f9e39a4b1095690f2de6ab3 openssl-perl-0.9.7a-43.14.i386.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm ia64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm 73e0d1fb22c73ed95e47257a6da1b129 openssl-0.9.7a-43.14.ia64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 619771b33a1c3e6976889e68a185151e openssl-debuginfo-0.9.7a-43.14.ia64.rpm b0b3d7b2d3772a89f428c868a62da176 openssl-devel-0.9.7a-43.14.ia64.rpm 5dde996b5bac48158eb076686aeab2c4 openssl-perl-0.9.7a-43.14.ia64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 617658bda3b36c2b62810f8fad8bf5ad openssl096b-0.9.6b-22.46.ia64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm d7c661fe81fa6f6399d56dbeae00d472 openssl096b-debuginfo-0.9.6b-22.46.ia64.rpm x86_64: f2b76677a5e6cc4d2a55e78eb56a4fdb openssl-0.9.7a-43.14.i686.rpm f0985b8088804e3bd7309b1ca2ca1d21 openssl-0.9.7a-43.14.x86_64.rpm f01455b59465880a038ded678431226b openssl-debuginfo-0.9.7a-43.14.i686.rpm 9183de3c43f771befacfaa209b0bc729 openssl-debuginfo-0.9.7a-43.14.x86_64.rpm 9a489c77daf969a867f3f18bee4bb6aa openssl-devel-0.9.7a-43.14.x86_64.rpm d16bd233156bf495de3854d2d915c5c3 openssl-perl-0.9.7a-43.14.x86_64.rpm afb33c059e8edb6b092a5e6ed247d191 openssl096b-0.9.6b-22.46.i386.rpm 48478bec0a72ec719a31f60ddb376dad openssl096b-0.9.6b-22.46.x86_64.rpm d21be7a4dbf227fe8c96fe8c365f6b6e openssl096b-debuginfo-0.9.6b-22.46.i386.rpm 1bb29a26566a95cb8b8c3652b9e74c53 openssl096b-debuginfo-0.9.6b-22.46.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://www.openssl.org/news/secadv_20060928.txt http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is |