[UCI-Linux] [SECURITY] Fedora Core 3 Update: openssl096b-0.9.6b-21.42

Mike Iglesias iglesias at draco.acs.uci.edu
Mon Oct 31 13:15:30 PST 2005

From: "Tomas Mraz" <tmraz at redhat.com>
To: fedora-announce-list at redhat.com
Date: Mon, 31 Oct 2005 15:15:30 -0500
Subject: [SECURITY] Fedora Core 3 Update: openssl096b-0.9.6b-21.42

Fedora Update Notification

Product     : Fedora Core 3
Name        : openssl096b
Version     : 0.9.6b                      
Release     : 21.42                  
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and

Update Information:

CAN-2004-0079, a remote crasher, was originally believed to
only affect versions of OpenSSL after 0.9.6b verified with
Codenomicon test suite (see pkt539.c). However we've had a
customer report that this affects 0.9.6b via a different
reproducer. This therefore affects the openssl096b
compat packages as shipped with FC-3.

* Mon Oct 31 2005 Tomas Mraz <tmraz at redhat.com> 0.9.6b-21.42
- fix CVE-2004-0079 - prevent a null pointer assignment in
- add security fix for CVE-2003-0851 to sync with 2.1AS

This update can be downloaded from:

8d68e4b430aa7c5ca067c12866ae694e  SRPMS/openssl096b-0.9.6b-21.42.src.rpm
54a9e78a2fdd625b9dc9121e09eb4398  x86_64/openssl096b-0.9.6b-21.42.x86_64.rpm
c5c6174e23eba8d038889d08f49231b8  x86_64/debug/openssl096b-debuginfo-0.9.6b-21.42.x86_64.rpm
56b63fc150d0c099b2e4f0950e21005b  x86_64/openssl096b-0.9.6b-21.42.i386.rpm
56b63fc150d0c099b2e4f0950e21005b  i386/openssl096b-0.9.6b-21.42.i386.rpm
93195495585c7e9789041c75b1ed5380  i386/debug/openssl096b-debuginfo-0.9.6b-21.42.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list