Bluewhite64 Linux: [Bluewhite64 Linux Security] openssl [BW64SA:20090409-01]

Welcome

Be cool!

Linux, Bluewhite64 Linux T-shirts, Wall Clocks, Mugs, Hats, Bags

Buy Bluewhite64 DVDs
(USA Store)

Custom Search

RSS Feeds

Our news can be syndicated by using these rss feeds.

Latest Forum Posts

Posted by charlie
Updated the function: bw () { #Enter your [more ...]
24 Aug : 03:21

Posted by darshin
As we all know, ZFS is by far the best file system.People ha [more ...]
20 Aug : 16:17

Posted by charlie
Bluewhite64 should add something more than what Slackware64 [more ...]
26 Jul : 23:05

Posted by tpreitzel
Well, if we do see a new version of Bluewhite64, Arny is kee [more ...]
25 May : 23:19

Posted by Diver
Hello.I compiled KDE-4.4.3 with the help of Alien's scripts [more ...]
25 May : 21:35

Posted by /dev/twisted
I sure hope he does, I really like BW.I check this forum eve [more ...]
25 May : 08:48

Posted by Diver
Slackware-13.1 is out! )Can we hope to see the new version o [more ...]
25 May : 08:39

Posted by Kenjiro Tanaka
Eric/alienbob,I am really sorry. I really thought (before re [more ...]
29 Apr : 23:20

Posted by alienbob
Kenjiro,Thanks for finally giving public credit to the sourc [more ...]
29 Apr : 22:37

Posted by Kenjiro Tanaka
Hello there.Diver, my last two builds (kde-4.4.1 and kde-4.4 [more ...]
28 Apr : 15:04

[Bluewhite64 Linux Security] openssl [BW64SA:20090409-01]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[Bluewhite64 Linux Security] openssl [BW64SA:20090409-01]

New openssl packages are available for Bluewhite64 Linux 11.0, 12.0, 12.1
and 12.2 to fix security issues.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590

Details from the Bluewhite64 Linux 12.2 ChangeLog:
- ---------------------------------------------------
PATCHES/packages/openssl-0.9.8i-x86_64-3.tgz: Patched (see below).
PATCHES/packages/openssl-solibs-0.9.8i-x86_64-3.tgz:
Patched to fix possible crashes as well as a (fairly unlikely) case
where an invalid signature might verify as valid.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
[*** Security fix ***]
- ---------------------------------------------------

Download the new packages from:
- --------------------------------
For Bluewhite64 Linux 11.0:
http://data.bluewhite64.com/bluewhite64-11.0/patches/packages/openssl-0.9.8h-x86_64-3.tgz
http://data.bluewhite64.com/bluewhite64-11.0/patches/packages/openssl-solibs-0.9.8h-x86_64-3.tgz

For Bluewhite64 Linux 12.0:
http://data.bluewhite64.com/bluewhite64-12.0/patches/packages/openssl-0.9.8h-x86_64-3.tgz
http://data.bluewhite64.com/bluewhite64-12.0/patches/packages/openssl-solibs-0.9.8h-x86_64-3.tgz

For Bluewhite64 Linux 12.1:
http://data.bluewhite64.com/bluewhite64-12.1/patches/packages/openssl-0.9.8h-x86_64-3.tgz
http://data.bluewhite64.com/bluewhite64-12.1/patches/packages/openssl-solibs-0.9.8h-x86_64-3.tgz

For Bluewhite64 Linux 12.2:
http://data.bluewhite64.com/bluewhite64-12.2/patches/packages/openssl-0.9.8i-x86_64-3.tgz
http://data.bluewhite64.com/bluewhite64-12.2/patches/packages/openssl-solibs-0.9.8i-x86_64-3.tgz

Also, please see the "Get Bluewhite64" section on http://www.bluewhite64.com for
additional mirror sites near you.

MD5 signatures:
- ----------------
Bluewhite64 Linux 11.0 packages:
504e5bb8d840581fe5834d25237608ca openssl-0.9.8h-x86_64-3.tgz
28e6fdab0a104c549f7348fe2391b0c5 openssl-solibs-0.9.8h-x86_64-3.tgz

Bluewhite64 Linux 12.0 packages:
a497fc8b03a485a47cb3d97d346c8dfa openssl-0.9.8h-x86_64-3.tgz
bb18a7c0ffe193b8f330a8a236c44290 openssl-solibs-0.9.8h-x86_64-3.tgz

Bluewhite64 Linux 12.1 packages:
a2c7d16a230f0743441f5a14b8b6dafd openssl-0.9.8h-x86_64-3.tgz
6240613f6998d12971cd2385c886f746 openssl-solibs-0.9.8h-x86_64-3.tgz

Bluewhite64 Linux 12.2 packages:
4f817bc091d45832f6080ef88591d410 openssl-0.9.8i-x86_64-3.tgz
3b0b1e4d40deeae147ff1c06f7e1c335 openssl-solibs-0.9.8i-x86_64-3.tgz

Installation instructions:
- ----------------------------
Upgrade the package as root:
# upgradepkg openssl-0.9.8i-x86_64-3.tgz openssl-solibs-0.9.8i-x86_64-3.tgz

- ---
Bluewhite64 Linux Security Team
http://bluewhite64.com/gpg-key

security©bluewhite64.com

- ------------------------------------------------------
To leave the bluewhite64-security mailing list send a
blank email to:

bluewhite64-security-unsubscribe©bluewhite64.com

You will get a confirmation message back containing
instructions to complete the process.

Please do not reply to this email address.
- ------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEUEARECAAYFAkneAzkACgkQpTOsxuDdlY5E9wCYiDzbAoicQLA1GTQruQV6x51d
UQCfZcWbADclMhVVZ22Vm5MfbQok2XA=
=gmNk
-----END PGP SIGNATURE-----