drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in openssl
Name: |
Denial of Service in openssl |
|
ID: |
TLSA-2009-13 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux Client 2008, Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition, TurboLinux wizpy |
|
Datum: |
Mi, 13. Mai 2009, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 |
|
Applikationen: |
OpenSSL |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2009-13 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 12 May 2009 Last revised: 12 May 2009
Package: openssl
Summary: openssl denial of service
More information: The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. (CVE-2009-0590)
Affected Products: - Turbolinux Client 2008 - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0 - Turbolinux 11 Server x64 Edition - Turbolinux 11 Server - wizpy - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux 10 Server
<Turbolinux Client 2008>
Source Packages Size: MD5
openssl-0.9.8h-3.src.rpm 3531695 da152cf28e40951dd0e013751524948c
Binary Packages Size: MD5
openssl-0.9.8h-3.i586.rpm 1642157 f2225abdb9a12a05a043db174abc2e76 openssl-devel-0.9.8h-3.i586.rpm 1521915 572faa9d058dd6ef7cf1ad6a24e62103
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
openssl-0.9.8e-6.src.rpm 3463701 873896005663aeda70447f6a09b8b84b
Binary Packages Size: MD5
openssl-0.9.8e-6.x86_64.rpm 1775134 7bee5915c7bed64e22d908aab358ec6d openssl-devel-0.9.8e-6.x86_64.rpm 1966178 a8888f04d8e51478fe55196b0dd48f12
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
openssl-0.9.8e-6.src.rpm 3463701 873896005663aeda70447f6a09b8b84b
Binary Packages Size: MD5
openssl-0.9.8e-6.i686.rpm 1700346 b0dd19b3234b3a71899d39b1afda5f27 openssl-devel-0.9.8e-6.i686.rpm 1907242 4767f7f665f602ee55aeabd0e6bc38e1
<Turbolinux 11 Server x64 Edition>
Source Packages Size: MD5
openssl-0.9.8e-6.src.rpm 3463701 873896005663aeda70447f6a09b8b84b
Binary Packages Size: MD5
openssl-0.9.8e-6.x86_64.rpm 1775134 7bee5915c7bed64e22d908aab358ec6d openssl-devel-0.9.8e-6.x86_64.rpm 1966178 a8888f04d8e51478fe55196b0dd48f12
<Turbolinux 11 Server>
Source Packages Size: MD5
openssl-0.9.8e-6.src.rpm 3463701 873896005663aeda70447f6a09b8b84b
Binary Packages Size: MD5
openssl-0.9.8e-6.i686.rpm 1700346 1e57bc12ccf3258491cd979c1de3d666 openssl-devel-0.9.8e-6.i686.rpm 1907242 42b9ae73b6529768eafad667996c5f7a
<wizpy>
Source Packages Size: MD5
openssl-0.9.8-14.src.rpm 3383819 842a8aba1ffb621b420b5fb77ed96ecb
Binary Packages Size: MD5
openssl-0.9.8-14.i386.rpm 1658755 6189e141d1b7b4e67ab971e5c06230b3
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
openssl-0.9.7d-16.src.rpm 2938988 90ced6d54531d6815b9c56535f6871f5
Binary Packages Size: MD5
openssl-0.9.7d-16.i586.rpm 1302921 4a69f79a27c81a0f0a4a414344f56e86 openssl-devel-0.9.7d-16.i586.rpm 1484806 c3c0110b31c26446dbabb06916fc2a53
<Turbolinux FUJI>
Source Packages Size: MD5
openssl-0.9.8-14.src.rpm 3383445 2bb083d786b1f03d5ec214606c845b75 openssl-compat-0.9.7d-16.src.rpm 2917943 c0ec45b2a1ec7358ed8af202d6bea987
Binary Packages Size: MD5
openssl-0.9.8-14.i686.rpm 1744589 6e0ff5aa2106b7b672a0363a670675fd openssl-compat-0.9.7d-16.i686.rpm 1058699 fc4a536debb2565cea6956d85f6d1169 openssl-devel-0.9.8-14.i686.rpm 1929896 83f2958ace915e8b3bf360347b2adc79
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
openssl-0.9.7d-16.src.rpm 2908239 4658395ce7116d97b11f2b33fa782862
Binary Packages Size: MD5
openssl-0.9.7d-16.x86_64.rpm 1413095 e74d8e2d839f4db74c5ad947bbd6a169 openssl-devel-0.9.7d-16.x86_64.rpm 1547770 6d3b87a57c25c6e30ecfc46f867a994b
<Turbolinux 10 Server>
Source Packages Size: MD5
openssl-0.9.7d-16.src.rpm 2938988 90ced6d54531d6815b9c56535f6871f5
Binary Packages Size: MD5
openssl-0.9.7d-16.i586.rpm 1302921 4a69f79a27c81a0f0a4a414344f56e86 openssl-devel-0.9.7d-16.i586.rpm 1484806 c3c0110b31c26446dbabb06916fc2a53
References:
CVE [CVE-2009-0590] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
-------------------------------------------------------------------------- Revision History 12 May 2009 Initial release --------------------------------------------------------------------------
Copyright(C) 2009 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux)
iEYEARECAAYFAkoJR1AACgkQK0LzjOqIJMzlEgCgp2w6LF0MRiSC9tLGKo3jFrPT GgYAn0rkNDASZb+BJRWTAjUiUVrWDE7L =itxY -----END PGP SIGNATURE-----
|
|
|
|