From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Dec 07 2004 - 03:20:18 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Mandrake update for openssl

SECUNIA ADVISORY ID:
SA13383

VERIFY ADVISORY:
http://secunia.com/advisories/13383/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Mandrake Corporate Server 2.x
http://secunia.com/product/1222/
Mandrake Linux 9.x
http://secunia.com/product/398/
Mandrake Multi Network Firewall 8.x
http://secunia.com/product/1112/
Mandrakelinux 10.0
http://secunia.com/product/3918/
Mandrakelinux 10.1
http://secunia.com/product/4198/

DESCRIPTION:
MandrakeSoft has issued an update for openssl. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

For more information:
SA12973

SOLUTION:
Apply updated packages.

Mandrakelinux 10.0:
c0d41b5423a09f01decc40e84fd005cb
10.0/RPMS/libopenssl0.9.7-0.9.7c-3.1.100mdk.i586.rpm
82b573c6825f9a3abdd8a23da2fe7c2c
10.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.1.100mdk.i586.rpm
7c4e0ddd161ae064928c3f3563a2dc4e
10.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.1.100mdk.i586.rpm
d4d97f7b45004bd8d69ef90bce972442
10.0/RPMS/openssl-0.9.7c-3.1.100mdk.i586.rpm
f09ed46ce152ac3396ce5a4a4b2036d0
10.0/SRPMS/openssl-0.9.7c-3.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
d9d9037cf0170a9e6ef1702f3e786b8a
amd64/10.0/RPMS/lib64openssl0.9.7-0.9.7c-3.1.100mdk.amd64.rpm
cfa623fa40be35d5cc99053bafd625c1
amd64/10.0/RPMS/lib64openssl0.9.7-devel-0.9.7c-3.1.100mdk.amd64.rpm
0098601eae49e65ee1fae0283bc4ffff
amd64/10.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7c-3.1.100mdk.amd64.rpm
06d845c07b46356cef699f94a67b9bc0
amd64/10.0/RPMS/openssl-0.9.7c-3.1.100mdk.amd64.rpm
f09ed46ce152ac3396ce5a4a4b2036d0
amd64/10.0/SRPMS/openssl-0.9.7c-3.1.100mdk.src.rpm

Mandrakelinux 10.1:
ae229d9586ea295545e577960ecfc9d5
10.1/RPMS/libopenssl0.9.7-0.9.7d-1.1.101mdk.i586.rpm
66d4393ab8ad6c72242fe03676d452bb
10.1/RPMS/libopenssl0.9.7-devel-0.9.7d-1.1.101mdk.i586.rpm
003f9c7ba693314fe0cfd5c91f0d154b
10.1/RPMS/libopenssl0.9.7-static-devel-0.9.7d-1.1.101mdk.i586.rpm
00e24e1fa79a339a5e1a92d9c2996082
10.1/RPMS/openssl-0.9.7d-1.1.101mdk.i586.rpm
5c453b0349f604e2955a889f624982d6
10.1/SRPMS/openssl-0.9.7d-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
45a998be7caf5d54a7a8a106e2e6cf9a
x86_64/10.1/RPMS/lib64openssl0.9.7-0.9.7d-1.1.101mdk.x86_64.rpm
000606c0fde3660e4c623f1ddb319e47
x86_64/10.1/RPMS/lib64openssl0.9.7-devel-0.9.7d-1.1.101mdk.x86_64.rpm
f75779760ee204bbfaab4173575964cd
x86_64/10.1/RPMS/lib64openssl0.9.7-static-devel-0.9.7d-1.1.101mdk.x86_64.rpm
81457d174401f6033cb03a9404145278
x86_64/10.1/RPMS/openssl-0.9.7d-1.1.101mdk.x86_64.rpm
5c453b0349f604e2955a889f624982d6
x86_64/10.1/SRPMS/openssl-0.9.7d-1.1.101mdk.src.rpm

Corporate Server 2.1:
63355bf82d2b54f08a970383c9c5192c
corporate/2.1/RPMS/libopenssl0-0.9.6i-1.8.C21mdk.i586.rpm
9d557d9105a7a2d1b1026543d6fedf2c
corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.8.C21mdk.i586.rpm
0929ca75a91cd5c4f553329aa7e818a8
corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.8.C21mdk.i586.rpm
2cd8e70cc5c66c4797392e4ea3a0348f
corporate/2.1/RPMS/openssl-0.9.6i-1.8.C21mdk.i586.rpm
337b3ad1c49fc5e91f2d72ea6a493868
corporate/2.1/SRPMS/openssl-0.9.6i-1.8.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
1fb93ddabdccd9edd724e7d6818e7299
x86_64/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.8.C21mdk.x86_64.rpm
acfe2f603298bae71c4f35a928d9ba88
x86_64/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.8.C21mdk.x86_64.rpm
daf31defd9c4b27bf28581bd7ed7fd2c
x86_64/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.8.C21mdk.x86_64.rpm
cade4a4db47d263c6660591d1bf9d5a1
x86_64/corporate/2.1/RPMS/openssl-0.9.6i-1.8.C21mdk.x86_64.rpm
337b3ad1c49fc5e91f2d72ea6a493868
x86_64/corporate/2.1/SRPMS/openssl-0.9.6i-1.8.C21mdk.src.rpm

Mandrakelinux 9.2:
f014f2318e559b7cfc5fc5bd2a010b67
9.2/RPMS/libopenssl0.9.7-0.9.7b-5.1.92mdk.i586.rpm
db4c7a4d97015c04a03ed69fa8d9c941
9.2/RPMS/libopenssl0.9.7-devel-0.9.7b-5.1.92mdk.i586.rpm
1368b0bf03dcebb17b6f1d5359411d8b
9.2/RPMS/libopenssl0.9.7-static-devel-0.9.7b-5.1.92mdk.i586.rpm
369d6104e62dc23e23c2d9f05e0d03db
9.2/RPMS/openssl-0.9.7b-5.1.92mdk.i586.rpm
9389817df3eb169e26536635c129e853
9.2/SRPMS/openssl-0.9.7b-5.1.92mdk.src.rpm

Mandrakelinux 9.2/AMD64:
a0f963c1ab90037dcdf57dba1337e48d
amd64/9.2/RPMS/lib64openssl0.9.7-0.9.7b-5.1.92mdk.amd64.rpm
587ef4344175ab4532e0e569ea733df3
amd64/9.2/RPMS/lib64openssl0.9.7-devel-0.9.7b-5.1.92mdk.amd64.rpm
4638c1af2de29459e2c1fae27fd28659
amd64/9.2/RPMS/lib64openssl0.9.7-static-devel-0.9.7b-5.1.92mdk.amd64.rpm
18d875fb53f6b5c0adfc22fed5193645
amd64/9.2/RPMS/openssl-0.9.7b-5.1.92mdk.amd64.rpm
9389817df3eb169e26536635c129e853
amd64/9.2/SRPMS/openssl-0.9.7b-5.1.92mdk.src.rpm

Multi Network Firewall 8.2:
eeaeae17ef647b22de71170105190f87
mnf8.2/RPMS/libopenssl0-0.9.6i-1.7.M82mdk.i586.rpm
b3ffacae8b78391fcc30267a3f252223
mnf8.2/RPMS/openssl-0.9.6i-1.7.M82mdk.i586.rpm
aa558b895ae77092ae29dec127a5a2a0
mnf8.2/SRPMS/openssl-0.9.6i-1.7.M82mdk.src.rpm

ORIGINAL ADVISORY:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:147

OTHER REFERENCES:
SA12973:
http://secunia.com/advisories/12973/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]