 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Wed, 7 Jan 2009 15:35:38 -0600 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Important: openssl security update
Issue date: 2009-01-07
CVE Names: CVE-2008-5077
The Google security team discovered a flaw in the way OpenSSL checked the
verification of certificates. An attacker in control of a malicious server,
or able to effect a "man in the middle" attack, could present a malformed
SSL/TLS signature from a certificate chain to a vulnerable client and
bypass validation. (CVE-2008-5077)
SL 3.0.x
SRPMS:
openssl-0.9.7a-33.25.src.rpm
openssl096b-0.9.6b-16.49.src.rpm
i386:
openssl096b-0.9.6b-16.49.i386.rpm
openssl-0.9.7a-33.25.i386.rpm
openssl-0.9.7a-33.25.i686.rpm
openssl-devel-0.9.7a-33.25.i386.rpm
openssl-perl-0.9.7a-33.25.i386.rpm
x86_64:
openssl096b-0.9.6b-16.49.i386.rpm
openssl096b-0.9.6b-16.49.x86_64.rpm
openssl-0.9.7a-33.25.i686.rpm
openssl-0.9.7a-33.25.x86_64.rpm
openssl-devel-0.9.7a-33.25.x86_64.rpm
openssl-perl-0.9.7a-33.25.x86_64.rpm
SL 4.x
SRPMS:
openssl-0.9.7a-43.17.el4_7.2.src.rpm
openssl096b-0.9.6b-22.46.el4_7.src.rpm
i386:
openssl096b-0.9.6b-22.46.el4_7.i386.rpm
openssl-0.9.7a-43.17.el4_7.2.i386.rpm
openssl-0.9.7a-43.17.el4_7.2.i686.rpm
openssl-devel-0.9.7a-43.17.el4_7.2.i386.rpm
openssl-perl-0.9.7a-43.17.el4_7.2.i386.rpm
x86_64:
openssl096b-0.9.6b-22.46.el4_7.i386.rpm
openssl096b-0.9.6b-22.46.el4_7.x86_64.rpm
openssl-0.9.7a-43.17.el4_7.2.i686.rpm
openssl-0.9.7a-43.17.el4_7.2.x86_64.rpm
openssl-devel-0.9.7a-43.17.el4_7.2.i386.rpm
openssl-devel-0.9.7a-43.17.el4_7.2.x86_64.rpm
openssl-perl-0.9.7a-43.17.el4_7.2.x86_64.rpm
SL 5.x
SRPMS:
openssl-0.9.8b-10.el5_2.1.src.rpm
openssl097a-0.9.7a-9.el5_2.1.src.rpm
i386:
openssl097a-0.9.7a-9.el5_2.1.i386.rpm
openssl-0.9.8b-10.el5_2.1.i386.rpm
openssl-0.9.8b-10.el5_2.1.i686.rpm
openssl-devel-0.9.8b-10.el5_2.1.i386.rpm
openssl-perl-0.9.8b-10.el5_2.1.i386.rpm
x86_64:
openssl097a-0.9.7a-9.el5_2.1.x86_64.rpm
openssl-0.9.8b-10.el5_2.1.i686.rpm
openssl-0.9.8b-10.el5_2.1.x86_64.rpm
openssl-devel-0.9.8b-10.el5_2.1.i386.rpm
openssl-devel-0.9.8b-10.el5_2.1.x86_64.rpm
openssl-perl-0.9.8b-10.el5_2.1.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
