Login
Newsletter
Werbung
Sicherheit: Denial of Service in openssl
Aktuelle Meldungen Distributionen
Name: Denial of Service in openssl
ID: TLSA-2009-13
Distribution: TurboLinux
Plattformen: Turbolinux Client 2008, Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition, TurboLinux wizpy
Datum: Mi, 13. Mai 2009, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
Applikationen: OpenSSL

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2009-13
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 12 May 2009
 Last revised: 12 May 2009

 Package: openssl

 Summary: openssl denial of service

 More information:
    The OpenSSL Project is a collaborative effort to develop a robust,
    commercial-grade, full-featured Open Source toolkit implementing the
    Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
    protocols as well as a full-strength general purpose cryptography library.

    The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote
 attackers to
    cause a denial of service (invalid memory access and application crash) via
 vectors that
    trigger printing of a (1) BMPString or (2) UniversalString with an invalid
 encoded length. (CVE-2009-0590)

 Affected Products:
    - Turbolinux Client 2008
    - Turbolinux Appliance Server 3.0 x64 Edition
    - Turbolinux Appliance Server 3.0
    - Turbolinux 11 Server x64 Edition
    - Turbolinux 11 Server
    - wizpy
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server


 <Turbolinux Client 2008>

   Source Packages
   Size: MD5

   openssl-0.9.8h-3.src.rpm
      3531695 da152cf28e40951dd0e013751524948c

   Binary Packages
   Size: MD5

   openssl-0.9.8h-3.i586.rpm
      1642157 f2225abdb9a12a05a043db174abc2e76
   openssl-devel-0.9.8h-3.i586.rpm
      1521915 572faa9d058dd6ef7cf1ad6a24e62103

 <Turbolinux Appliance Server 3.0 x64 Edition>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.x86_64.rpm
      1775134 7bee5915c7bed64e22d908aab358ec6d
   openssl-devel-0.9.8e-6.x86_64.rpm
      1966178 a8888f04d8e51478fe55196b0dd48f12

 <Turbolinux Appliance Server 3.0>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.i686.rpm
      1700346 b0dd19b3234b3a71899d39b1afda5f27
   openssl-devel-0.9.8e-6.i686.rpm
      1907242 4767f7f665f602ee55aeabd0e6bc38e1

 <Turbolinux 11 Server x64 Edition>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.x86_64.rpm
      1775134 7bee5915c7bed64e22d908aab358ec6d
   openssl-devel-0.9.8e-6.x86_64.rpm
      1966178 a8888f04d8e51478fe55196b0dd48f12

 <Turbolinux 11 Server>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.i686.rpm
      1700346 1e57bc12ccf3258491cd979c1de3d666
   openssl-devel-0.9.8e-6.i686.rpm
      1907242 42b9ae73b6529768eafad667996c5f7a

 <wizpy>

   Source Packages
   Size: MD5

   openssl-0.9.8-14.src.rpm
      3383819 842a8aba1ffb621b420b5fb77ed96ecb

   Binary Packages
   Size: MD5

   openssl-0.9.8-14.i386.rpm
      1658755 6189e141d1b7b4e67ab971e5c06230b3

 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   openssl-0.9.7d-16.src.rpm
      2938988 90ced6d54531d6815b9c56535f6871f5

   Binary Packages
   Size: MD5

   openssl-0.9.7d-16.i586.rpm
      1302921 4a69f79a27c81a0f0a4a414344f56e86
   openssl-devel-0.9.7d-16.i586.rpm
      1484806 c3c0110b31c26446dbabb06916fc2a53

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   openssl-0.9.8-14.src.rpm
      3383445 2bb083d786b1f03d5ec214606c845b75
   openssl-compat-0.9.7d-16.src.rpm
      2917943 c0ec45b2a1ec7358ed8af202d6bea987

   Binary Packages
   Size: MD5

   openssl-0.9.8-14.i686.rpm
      1744589 6e0ff5aa2106b7b672a0363a670675fd
   openssl-compat-0.9.7d-16.i686.rpm
      1058699 fc4a536debb2565cea6956d85f6d1169
   openssl-devel-0.9.8-14.i686.rpm
      1929896 83f2958ace915e8b3bf360347b2adc79

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   openssl-0.9.7d-16.src.rpm
      2908239 4658395ce7116d97b11f2b33fa782862

   Binary Packages
   Size: MD5

   openssl-0.9.7d-16.x86_64.rpm
      1413095 e74d8e2d839f4db74c5ad947bbd6a169
   openssl-devel-0.9.7d-16.x86_64.rpm
      1547770 6d3b87a57c25c6e30ecfc46f867a994b

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   openssl-0.9.7d-16.src.rpm
      2938988 90ced6d54531d6815b9c56535f6871f5

   Binary Packages
   Size: MD5

   openssl-0.9.7d-16.i586.rpm
      1302921 4a69f79a27c81a0f0a4a414344f56e86
   openssl-devel-0.9.7d-16.i586.rpm
      1484806 c3c0110b31c26446dbabb06916fc2a53


 References:

 CVE
   [CVE-2009-0590]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590

 --------------------------------------------------------------------------
 Revision History
    12 May 2009 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2009 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAkoJR1AACgkQK0LzjOqIJMzlEgCgp2w6LF0MRiSC9tLGKo3jFrPT
GgYAn0rkNDASZb+BJRWTAjUiUVrWDE7L
=itxY
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung