From: [email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1888-1                      [email protected]
http://www.debian.org/security/                       Moritz Muehlenhoff
September 15, 2009                    http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package        : openssl, openssl097
Vulnerability  : cryptographic weakness
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-2409

Certificates with MD2 hash signatures are no longer accepted by OpenSSL,
since they're no longer considered cryptographically secure.

For the stable distribution (lenny), this problem has been fixed in
version 0.9.8g-15+lenny5.

For the old stable distribution (etch), this problem has been fixed in
version 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for
openssl097.

The OpenSSL 0.9.8 update for oldstable (etch) also provides updated
packages for multiple denial of service vulnerabilities in the
Datagram Transport Layer Security implementation. These fixes were
already provided for Debian stable (Lenny) in a previous point
update. The OpenSSL 0.9.7 package from oldstable (Etch) is not
affected. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379,
CVE-2009-1386 and CVE-2009-1387)

For the unstable distribution (sid), this problem has been fixed in
version 0.9.8k-5.

We recommend that you upgrade your openssl packages.
Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]