LISTSERV - SCIENTIFIC-LINUX-USERS Archives

  Hi

  During regular security audit in our laboratory today, we have pointed 
out recent security issues for openssl of SL4.3 (openssl-0.9.7a-43.8) for
i386 and X86_64 distributions.

  Openssl Improper PKCS Handling RSA Signature Forgery Vulnerability
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4339

This problem has been already fixed at upstream vendor by
  https://rhn.redhat.com/errata/RHSA-2006-0661.html

  We are looking forward to getting them ASAP at SL distributions.
 (openssl-0.9.7a-43.11.xxxx.rpm)

Thanks!

Takashi Ichihara (RIKEN)