---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Debian update for openssl SECUNIA ADVISORY ID: SA22240 VERIFY ADVISORY: http://secunia.com/advisories/22240/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA22130 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3.dsc Size/MD5 checksum: 639 fbf460591348b14103a3819d23164aee http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3.diff.gz Size/MD5 checksum: 29882 25e5c57ee6c86d1e4cc335937040f251 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz Size/MD5 checksum: 3043231 a8777164bca38d84e5eb2b1535223474 Alpha architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_alpha.deb Size/MD5 checksum: 3341810 73ef8e1cafbfd142a903bd93535a2428 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_alpha.deb Size/MD5 checksum: 2448006 b42d228cd1cb48024b25f5bd7c6724b8 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_alpha.deb Size/MD5 checksum: 930188 b0b9a46a47a1992ed455f993b6007450 AMD64 architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_amd64.deb Size/MD5 checksum: 2693668 7a6d9f9ad43192bcfe9ed22bd4c227cb http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_amd64.deb Size/MD5 checksum: 703308 239e07d0029b78d339da49ea8dacb554 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_amd64.deb Size/MD5 checksum: 903744 de3413bf58707040d19a606311548ec7 ARM architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_arm.deb Size/MD5 checksum: 2556374 4f3d5a82ab27e46f6174616dd2f0818c http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_arm.deb Size/MD5 checksum: 690118 80812ffefacc7d9800ce5286909aa815 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_arm.deb Size/MD5 checksum: 894114 053579483c0d83c11a4b15ade5e09d3b HP Precision architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_hppa.deb Size/MD5 checksum: 2695876 bee86edc3db3ac76a32efb84b1a1cfab http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_hppa.deb Size/MD5 checksum: 791316 5dfd66672700232356a26258a76bcffa http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_hppa.deb Size/MD5 checksum: 914574 bc996d3cd86b18090ee4c2f3f31dbdbc Intel IA-32 architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_i386.deb Size/MD5 checksum: 2553694 ceea98c69ca44649ee2c98cff0364e4b http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_i386.deb Size/MD5 checksum: 2264996 111668559caa8ea95ad3100af67e163e http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_i386.deb Size/MD5 checksum: 902750 39b743a6a47517245c3fba9289c86ddf Intel IA-64 architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_ia64.deb Size/MD5 checksum: 3396192 54868b4f5c27f5dc0a65b82594aa8bb0 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_ia64.deb Size/MD5 checksum: 1038386 7fcec764f3b3d3ee53588791f7588ad9 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_ia64.deb Size/MD5 checksum: 975118 18239f1932f399df0396e81a1e57e5e3 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_m68k.deb Size/MD5 checksum: 2317346 cf221d4a25c8913c1183078f1974b46b http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_m68k.deb Size/MD5 checksum: 661672 1a1e72d032cbd37400a65ef7ddf9af6d http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_m68k.deb Size/MD5 checksum: 889874 6eaaf9b7b9651b37437b78d7a95a562a Big endian MIPS architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_mips.deb Size/MD5 checksum: 2779474 383cc3f4bd2c75515e415c48fc6c66eb http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_mips.deb Size/MD5 checksum: 706660 aaa773471c553fd971b3158e35ceb675 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_mips.deb Size/MD5 checksum: 896780 21c648b8e817ce098d9d85f311163e34 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_mipsel.deb Size/MD5 checksum: 2767338 bc2e40477ad28b1eedb69e6542b1ab08 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_mipsel.deb Size/MD5 checksum: 694486 8c31bcea415ae3d725844e45a733d7fe http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_mipsel.deb Size/MD5 checksum: 895860 8af869dc9a903f8a226d33cdcffc7eab PowerPC architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_powerpc.deb Size/MD5 checksum: 2775400 91f923d2f4f3938ef8a786b291865f0a http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_powerpc.deb Size/MD5 checksum: 779452 3b094894ca6d75b7c86684c7cd62f5bf http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_powerpc.deb Size/MD5 checksum: 908316 b93dffc572d91d9e4154b73c57b41e88 IBM S/390 architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_s390.deb Size/MD5 checksum: 2717840 a96fb19009ddc10b1901f34e232109ae http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_s390.deb Size/MD5 checksum: 813968 1cf6dbddb023dfe8c55d30d19bc0ff57 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_s390.deb Size/MD5 checksum: 918504 73d2f71ec2c8ebd4cc3f481096202664 Sun Sparc architecture: http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_sparc.deb Size/MD5 checksum: 2630560 059abd03c994e3d6851f38f6f7dd5446 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_sparc.deb Size/MD5 checksum: 1886038 4900a7af6cbef9e37c902a3c14ac33ac http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_sparc.deb Size/MD5 checksum: 924472 27f194ff2250fc91d0375c02d6686272 -- Debian GNU/Linux unstable alias sid -- Reportedly, this will be fixed in version 0.9.7k-2 of the openssl097 compatibility libraries, and version 0.9.8c-2 of the openssl package. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1185 OTHER REFERENCES: SA22130: http://secunia.com/advisories/22130/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------