1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4355-1] openssl1.0 security update

    From Moritz Muehlenhoff@1:229/2 to All on Wed Dec 19 23:40:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4355-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openssl1.0
    CVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407

    Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
    Layer toolkit.

    For the stable distribution (stretch), these problems have been fixed in version 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for
    stretch will be based on the 1.0.2x upstream releases.

    We recommend that you upgrade your openssl1.0 packages.

    For the detailed security status of openssl1.0 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/openssl1.0

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwaxeQACgkQEMKTtsN8 TjZVQQ//eOqeqdTZgGqXS7hI2TPT/m1mLLFfGQvxKvqYAvo+eNns5PbHGvhoM3OY 6TnR7dh3PFRHogYh7IeEymFM12HmNxX75Fz5Rs2/AX8dNvbACZFWmodkE7REm1// oLaQbr74Bq0T8pzfRntLZGqTRcumfvbGEWO4Sfob/RJ9F9+LfUKdiTI6wIcNXBtr 47Lffe10gGok+5qmruMgf3fy+verwu6uLPrLX+ekHKW383gB9M26S0BwQMU2AIlu PzJ7IPL515aBdOogeCTG3Ag1nMFfkaX4537zn5QpqcPcx/NGmcyrRgHzS0CbRIBG DFlAsO5rJdAUqw660MxNgkBkUNBDok6jW79HFmjyAO2aY5/QcCN+LhLng7A3FO7F Eg+kFifibUgs2y7fGlcGMZmLzRtparDtb+MrBXXrSar/nzcdrRwSk+1gjmB8iIVO W/J7s0GFHZ2V+FfOuDeBoprH7yLT8Ny8/IBSfLe/JiiTzzh+5l9D23dRTcT0PfFy hRboNQ+VLEpl1N1mfgB6pNpRaFoMCsoXe26rpkRiEfwXVRFgcsJbAJA27kgMko4S q8JzaJo4/YiACng5u6b0bwv2IaExrEnXhfje8oxxABDNQmu5E9tu1artCtHVaL3K TNyBsE9TZNSIZQgkoVoSHbeLVdAVgBLXTyzjKNxuzCvMl0VolGY=
    =Q1ou
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)