Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[slackware-security] openssl (SSA:2017-041-02)

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

[slackware-security] openssl (SSA:2017-041-02)

 

New openssl packages are available for Slackware 14.2 and -current to

fix security issues.

 

 

Here are the details from the Slackware 14.2 ChangeLog:

+--------------------------+

patches/packages/openssl-1.0.2k-i586-1_slack14.2.txz: Upgraded.

This update fixes security issues:

Truncated packet could crash via OOB read (CVE-2017-3731)

BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)

Montgomery multiplication may produce incorrect results (CVE-2016-7055)

For more information, see:

https://www.openssl.org/news/secadv/20170126.txt

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055

(* Security fix *)

patches/packages/openssl-solibs-1.0.2k-i586-1_slack14.2.txz: Upgraded.

+--------------------------+

 

 

Where to find the new packages:

+-----------------------------+

 

Thanks to the friendly folks at the OSU Open Source Lab

(http://osuosl.org) for donating FTP and rsync hosting

to the Slackware project! :-)

 

Also see the "Get Slack" section on http://slackware.com for

additional mirror sites near you.

 

Updated packages for Slackware 14.2:

ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2k-i586-1_slack14.2.txz

ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2k-i586-1_slack14.2.txz

 

Updated packages for Slackware x86_64 14.2:

ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2k-x86_64-1_slack14.2.txz

ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2k-x86_64-1_slack14.2.txz

 

Updated packages for Slackware -current:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2k-i586-1.txz

ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2k-i586-1.txz

 

Updated packages for Slackware x86_64 -current:

ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2k-x86_64-1.txz

ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2k-x86_64-1.txz

 

 

MD5 signatures:

+-------------+

 

Slackware 14.2 packages:

1d03d7f59dece41b97104cbe8341b812 openssl-1.0.2k-i586-1_slack14.2.txz

c5e689d9ac1c1675c5059b8e7cd42594 openssl-solibs-1.0.2k-i586-1_slack14.2.txz

 

Slackware x86_64 14.2 packages:

5e075d516ab7ccc1ef14f430e599bdef openssl-1.0.2k-x86_64-1_slack14.2.txz

110479b47a4208bcdb43fee59b9f06ca openssl-solibs-1.0.2k-x86_64-1_slack14.2.txz

 

Slackware -current packages:

8eca7a113cf58688dc6203c4091fd0ac a/openssl-solibs-1.0.2k-i586-1.txz

1ee03441f6409e48dda42c006ae5a7ad n/openssl-1.0.2k-i586-1.txz

 

Slackware x86_64 -current packages:

51ed87062d6898bd50705b2c2abc2c68 a/openssl-solibs-1.0.2k-x86_64-1.txz

d9e56ff59fd7aa5791bf6809ccea0f92 n/openssl-1.0.2k-x86_64-1.txz

 

 

Installation instructions:

+------------------------+

 

Upgrade the packages as root:

# upgradepkg openssl-1.0.2k-i586-1_slack14.2.txz openssl-solibs-1.0.2k-i586-1_slack14.2.txz

 

 

+-----+

 

Slackware Linux Security Team

http://slackware.com/gpg-key

security ( -at -) slackware.com

 

+------------------------------------------------------------------------+

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×