---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: SUSE update for openssl SECUNIA ADVISORY ID: SA22172 VERIFY ADVISORY: http://secunia.com/advisories/22172/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 9.2 http://secunia.com/product/4258/ SUSE Linux 9.3 http://secunia.com/product/4933/ SuSE Linux Desktop 1.x http://secunia.com/product/2002/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ UnitedLinux 1.0 http://secunia.com/product/2003/ SOFTWARE: Novell Open Enterprise Server http://secunia.com/product/4664/ DESCRIPTION: SUSE has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA22130 SOLUTION: Apply updated packages. -- x86 Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/openssl-0.9.8a-18.10.i586.rpm f5d7a08e60a52b7816cae88e9def7762 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/openssl-devel-0.9.8a-18.10.i586.rpm a583491fc985dff2f3f405776fa8554a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-0.9.7g-2.10.i586.rpm 13d07a7a3b81fdef9ba68b0f0670f14c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-devel-0.9.7g-2.10.i586.rpm 1198085023a60d99ce90207b5498db45 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-0.9.7e-3.6.i586.rpm 51606d0da43bc5c61562bb8d4679ca8b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-devel-0.9.7e-3.6.i586.rpm c6a9122fec64b5a82f433c56b602f2b5 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-0.9.7d-25.6.i586.rpm 96b59a2af5663ae1f780626da0b5756a ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-devel-0.9.7d-25.6.i586.rpm e33a86104b85919dda444b4a9901a10b -- Power PC Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/openssl-0.9.8a-18.10.ppc.rpm 8310266cd6da01baaf964ed8cac841c0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/openssl-devel-0.9.8a-18.10.ppc.rpm 8ff4b94e685be05d00599ecc6cc939e7 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-0.9.7g-2.10.ppc.rpm 0678839057c3170dc84fab28b3dd202f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-devel-0.9.7g-2.10.ppc.rpm e86965c19538073b15c2131a04c20260 -- x86-64 Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-0.9.8a-18.10.x86_64.rpm 28dc138c088450b753fdd419c487023e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-32bit-0.9.8a-18.10.x86_64.rpm 651d62cab3c31d0bc3e18b91a4ba9ac3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-devel-0.9.8a-18.10.x86_64.rpm 2a3e98aca1aa613a58f09b39f12e84a4 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-devel-32bit-0.9.8a-18.10.x86_64.rpm 81bb446763424df4c18eac760e0ed80e SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-0.9.7g-2.10.x86_64.rpm 5a612bd7a6756e2926a3ef59a72fd197 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-32bit-0.9.7g-2.10.x86_64.rpm 840e98707317d9cef51837a486541be7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-0.9.7g-2.10.x86_64.rpm 46b1a289d445c5304001aba4417e73a9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-32bit-0.9.7g-2.10.x86_64.rpm a4e2a59c151ff22ed683e115da8fce48 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-0.9.7e-3.6.x86_64.rpm 3bf35d8e03848aa87a662b93a8c14fe1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-32bit-9.3-7.3.x86_64.rpm 35ce818f05f655397c4b1b13ba3a93b3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-0.9.7e-3.6.x86_64.rpm dcfbcadb626de068028ac546f07ba685 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-32bit-9.3-7.3.x86_64.rpm da50170edc9a2596954c2453030494d6 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-0.9.7d-25.6.x86_64.rpm 32ec53e71eefb0ebe893034ac2e552ac ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-32bit-9.2-200609270647.x86_64.rpm 0b7706ce568832eb1b2e86bdd7cbe51d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-0.9.7d-25.6.x86_64.rpm c8671a7a77dcc5a08e2c19f9a6ff056c ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-32bit-9.2-200609270647.x86_64.rpm 2bebb0fea9579ca5e659fca63c7beac0 -- Sources -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/openssl-0.9.8a-18.10.src.rpm 2613501ca4ea03f1a79548014b13ff67 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/openssl-0.9.7g-2.10.src.rpm c5b1ff892ff74af82ddbceaf757c6fb3 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/openssl-0.9.7e-3.6.src.rpm f62e34422fc77343fd15a1790e6ef8d8 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/openssl-0.9.7d-25.6.src.rpm 8c451560ea55a3bec1b01f0b36943048 ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Sep/0013.html OTHER REFERENCES: SA22130: http://secunia.com/advisories/22130/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------