Fedora Legacy Test Update Notification: openssl

Marc Deslauriers marcdeslauriers at videotron.ca
Sat Jun 4 19:27:13 UTC 2005 

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-152841
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152841
2005-06-04
---------------------------------------------------------------------

Name        : openssl
Versions    : rh73: openssl-0.9.6b-39.7.legacy
Versions    : rh9: openssl-0.9.7a-20.4.legacy
Versions    : fc1: openssl-0.9.7a-33.11.legacy
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

---------------------------------------------------------------------
Update Information:

Updated OpenSSL packages that fix security issues are now available.

OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as a
full-strength general purpose cryptography library.

A flaw was found in the way the der_chop script creates temporary files.
It is possible that a malicious local user could cause der_chop to
overwrite files (CAN-2004-0975).

Users are advised to update to these erratum packages which contain
a patch to correct this issue.

---------------------------------------------------------------------
Changelogs

rh73:
* Tue May 31 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.6b-39.7.legacy
- Added missing zlib-devel BuildPrereq

* Fri Mar 11 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.6b-38.7.legacy
- Fixed the CAN-2004-0975 patch

* Sat Mar 05 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.6b-37.7.legacy
- add security fix for CAN-2004-0975

rh9:
* Fri Mar 11 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.7a-20.4.legacy
- Fixed the CAN-2004-0975 patch

* Sat Mar 05 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.7a-20.3.legacy
- Added patch for CAN-2004-0975

fc1:
* Sat Mar 05 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
0.9.7a-33.11.legacy
- Added security patch for CAN-2004-0975

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

rh73:
23e338ea168362be064b0fc5818ca75fb0ff478d
redhat/7.3/updates-testing/i386/openssl-0.9.6b-39.7.legacy.i386.rpm
909d19843a102c8db726f4ce19bec343e468c205
redhat/7.3/updates-testing/i386/openssl-0.9.6b-39.7.legacy.i686.rpm
e5d2ded644fc5e6efd947ce85c6889e8f3d85cf9
redhat/7.3/updates-testing/i386/openssl-devel-0.9.6b-39.7.legacy.i386.rpm
94f5abf2da579c8546b26a579d125a402c517cd4
redhat/7.3/updates-testing/i386/openssl-perl-0.9.6b-39.7.legacy.i386.rpm
22e61ba5e83c0f2ffb1cf01c2f440e0f5778aeb5
redhat/7.3/updates-testing/SRPMS/openssl-0.9.6b-39.7.legacy.src.rpm

rh9:
fc4ccd852dbdb32d35feda73d57dfec9695bb124
redhat/9/updates-testing/i386/openssl-0.9.7a-20.4.legacy.i386.rpm
53d60e01f25892efcc5da5281110259f15560f95
redhat/9/updates-testing/i386/openssl-0.9.7a-20.4.legacy.i686.rpm
6044af703d7b8915a0ff64cd57862c09f202884b
redhat/9/updates-testing/i386/openssl-devel-0.9.7a-20.4.legacy.i386.rpm
366b375b6e77103d41e2b3b1fbdf2e4fd11ff31c
redhat/9/updates-testing/i386/openssl-perl-0.9.7a-20.4.legacy.i386.rpm
55334c3b4a44b6743d86d7a5e40ec2ac853cfca9
redhat/9/updates-testing/SRPMS/openssl-0.9.7a-20.4.legacy.src.rpm

fc1:
76fa768ce6ead9d3a2fe5a4bafa7c78c7d73049c
fedora/1/updates-testing/i386/openssl-0.9.7a-33.11.legacy.i386.rpm
b0eadfbcbfe4b8306eff0d0d9fe1abc56e77633b
fedora/1/updates-testing/i386/openssl-0.9.7a-33.11.legacy.i686.rpm
7b24ed7cdbd8c55dbe0f7c9234314383c1cb90ca
fedora/1/updates-testing/i386/openssl-devel-0.9.7a-33.11.legacy.i386.rpm
196577ad1b00b1285a41c30d8e42cf2c22d4063a
fedora/1/updates-testing/i386/openssl-perl-0.9.7a-33.11.legacy.i386.rpm
adfbc1d2c8753ae170cc9badee8ed56f5f4cf5cb
fedora/1/updates-testing/SRPMS/openssl-0.9.7a-33.11.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20050604/7a754288/attachment.sig>

More information about the fedora-legacy-list mailing list