Skip to navigation

Security Advisory openssl security update

Advisory: RHSA-2006:0695-12
Type: Security Advisory
Severity: Important
Issued on: 2006-09-28
Last updated on: 2006-09-28
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2006-2937
CVE-2006-2940
CVE-2006-3738
CVE-2006-4343

Details

Updated OpenSSL packages are now available to correct several security issues.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and protocols.

Tavis Ormandy and Will Drewry of the Google Security Team discovered a
buffer overflow in the SSL_get_shared_ciphers() utility function. An
attacker could send a list of ciphers to an application that used this
function and overrun a buffer (CVE-2006-3738). Few applications make use
of this vulnerable function and generally it is used only when applications
are compiled for debugging.

Tavis Ormandy and Will Drewry of the Google Security Team discovered a
flaw in the SSLv2 client code. When a client application used OpenSSL to
create an SSLv2 connection to a malicious server, that server could cause
the client to crash. (CVE-2006-4343)

Dr S. N. Henson of the OpenSSL core team and Open Network Security recently
developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered
denial of service vulnerabilities:

* Certain public key types can take disproportionate amounts of time to
process, leading to a denial of service. (CVE-2006-2940)

* During parsing of certain invalid ASN.1 structures an error condition was
mishandled. This can result in an infinite loop which consumed system
memory (CVE-2006-2937). This issue does not affect the OpenSSL version
distributed in Red Hat Enterprise Linux 2.1.

These vulnerabilities can affect applications which use OpenSSL to parse
ASN.1 data from untrusted sources, including SSL servers which enable
client authentication and S/MIME applications.

Users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues.

Note: After installing this update, users are advised to either restart all
services that use OpenSSL or restart their system.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
openssl-0.9.7a-33.21.src.rpm
File outdated by:  RHSA-2010:0163
    MD5: a973479e3a45ab875fbc961df839de8e
openssl096b-0.9.6b-16.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 13f3a51b79f3937206cc6a6a8aa6391d
 
IA-32:
openssl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-devel-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: a87c753f7e6405ae8fa0aaebc68385c0
openssl-perl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 31945ca92c89ac970ae6dfb771b62f90
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
 
x86_64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 828ad64a16daf904ee6f670d2ace71cb
openssl-devel-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 3af1217ec416c8960d4be2201592553f
openssl-perl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: ebe87dda7ab2d3c45e955810b09961b7
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: caea4604b3d35b9829093d2221ebd828
 
Red Hat Desktop (v. 4)

SRPMS:
openssl-0.9.7a-43.14.src.rpm
File outdated by:  RHSA-2012:0086
    MD5: d833a111c7c142e838e21b46c2d3d3ca
openssl096b-0.9.6b-22.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 2294eea329ff59ad7e7b04331c46e485
 
IA-32:
openssl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-devel-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 7591b0a079addeaed3ca622c61b170d2
openssl-perl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: e4b978822f9e39a4b1095690f2de6ab3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
 
x86_64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: f0985b8088804e3bd7309b1ca2ca1d21
openssl-devel-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 9a489c77daf969a867f3f18bee4bb6aa
openssl-perl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: d16bd233156bf495de3854d2d915c5c3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 48478bec0a72ec719a31f60ddb376dad
 
Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
openssl-0.9.6b-46.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 8dec955be0bcdb6aae9bc0fc6c832eca
openssl095a-0.9.5a-32.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 31991401d1065d4934f00a7cb0b35b30
openssl096-0.9.6-32.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: f2854e9ff45b62b93e8f9cb1b59a05c1
 
IA-32:
openssl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: c28b3f1b264ab2ea1986cf2c0f211437
openssl-0.9.6b-46.i686.rpm
File outdated by:  RHSA-2009:0004
    MD5: fca94acfb677dc9155716d7a779f7ede
openssl-devel-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b2edb35842b91ed24dbee0a739993129
openssl-perl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b502425dd73fdc854d1bbe6f29f65bd8
openssl095a-0.9.5a-32.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: a0212f46e2e06dc8557154fd444b8277
openssl096-0.9.6-32.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b64b17ba8f32468723a569d36642defc
 
IA-64:
openssl-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 910ab86216c49bfd0091f10f77da729c
openssl-devel-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 7f9f4c612988c83a7a42849eee5cd8cd
openssl-perl-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 6741a6cad4ee2bd6971ec6c2ae4744af
openssl095a-0.9.5a-32.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 23953bd1c31641930574c3e72256f026
openssl096-0.9.6-32.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 1a1277a9803202b82258d8e0194bd559
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
openssl-0.9.7a-33.21.src.rpm
File outdated by:  RHSA-2010:0163
    MD5: a973479e3a45ab875fbc961df839de8e
openssl096b-0.9.6b-16.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 13f3a51b79f3937206cc6a6a8aa6391d
 
IA-32:
openssl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-devel-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: a87c753f7e6405ae8fa0aaebc68385c0
openssl-perl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 31945ca92c89ac970ae6dfb771b62f90
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
 
IA-64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 5651e3de97f42cd855a931b6a80f2de9
openssl-devel-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 57708528d814ff3c8b258d4a80528436
openssl-perl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 71fc44bb49b0d92913663c8cb876e669
 
PPC:
openssl-0.9.7a-33.21.ppc.rpm
File outdated by:  RHSA-2010:0163
    MD5: 23dd92775b7dff6f9af187e70189a441
openssl-0.9.7a-33.21.ppc64.rpm
File outdated by:  RHSA-2010:0163
    MD5: fdd82d793ffa19d4b2cb24436715b6ef
openssl-devel-0.9.7a-33.21.ppc.rpm
File outdated by:  RHSA-2010:0163
    MD5: cf07c421339a5cbc7b83b445dc83cbb3
openssl-perl-0.9.7a-33.21.ppc.rpm
File outdated by:  RHSA-2010:0163
    MD5: 4b64038e9b9e1a21125ed5fe96936f3a
openssl096b-0.9.6b-16.46.ppc.rpm
File outdated by:  RHSA-2010:0173
    MD5: 251d55b641566819d7a622c3df7adae2
 
s390:
openssl-0.9.7a-33.21.s390.rpm
File outdated by:  RHSA-2010:0163
    MD5: 4537fa728fbd6535bf9ebfc1dfae9db4
openssl-devel-0.9.7a-33.21.s390.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ca48923672d80934b89dd4f23f19477
openssl-perl-0.9.7a-33.21.s390.rpm
File outdated by:  RHSA-2010:0163
    MD5: 586f5db21d131f1124b6c9a86a06392f
openssl096b-0.9.6b-16.46.s390.rpm
File outdated by:  RHSA-2010:0173
    MD5: ba87b58750856cc18d5de41573455ad6
 
s390x:
openssl-0.9.7a-33.21.s390.rpm
File outdated by:  RHSA-2010:0163
    MD5: 4537fa728fbd6535bf9ebfc1dfae9db4
openssl-0.9.7a-33.21.s390x.rpm
File outdated by:  RHSA-2010:0163
    MD5: 287730c6542c5f6f75f21175bc35663a
openssl-devel-0.9.7a-33.21.s390x.rpm
File outdated by:  RHSA-2010:0163
    MD5: 03d78bb245573ca4dee34deeb38147de
openssl-perl-0.9.7a-33.21.s390x.rpm
File outdated by:  RHSA-2010:0163
    MD5: 3e74b96f4ede173e0c9ec76d39991759
openssl096b-0.9.6b-16.46.s390.rpm
File outdated by:  RHSA-2010:0173
    MD5: ba87b58750856cc18d5de41573455ad6
 
x86_64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 828ad64a16daf904ee6f670d2ace71cb
openssl-devel-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 3af1217ec416c8960d4be2201592553f
openssl-perl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: ebe87dda7ab2d3c45e955810b09961b7
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: caea4604b3d35b9829093d2221ebd828
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
openssl-0.9.7a-43.14.src.rpm
File outdated by:  RHSA-2012:0086
    MD5: d833a111c7c142e838e21b46c2d3d3ca
openssl096b-0.9.6b-22.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 2294eea329ff59ad7e7b04331c46e485
 
IA-32:
openssl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-devel-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 7591b0a079addeaed3ca622c61b170d2
openssl-perl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: e4b978822f9e39a4b1095690f2de6ab3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
 
IA-64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 73e0d1fb22c73ed95e47257a6da1b129
openssl-devel-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: b0b3d7b2d3772a89f428c868a62da176
openssl-perl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 5dde996b5bac48158eb076686aeab2c4
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 617658bda3b36c2b62810f8fad8bf5ad
 
PPC:
openssl-0.9.7a-43.14.ppc.rpm
File outdated by:  RHSA-2012:0086
    MD5: 3cf9896ac1e976947a0a3112dc99a22c
openssl-0.9.7a-43.14.ppc64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 67279d21b053d35fe41ba527de3bd00a
openssl-devel-0.9.7a-43.14.ppc.rpm
File outdated by:  RHSA-2012:0086
    MD5: 339baf396db81a6d86eb73cdd5a10695
openssl-perl-0.9.7a-43.14.ppc.rpm
File outdated by:  RHSA-2012:0086
    MD5: fdb5013a4955aea544c7117e0af9644c
openssl096b-0.9.6b-22.46.ppc.rpm
File outdated by:  RHSA-2010:0173
    MD5: a1efe172641a72e4511f378440e3c634
 
s390:
openssl-0.9.7a-43.14.s390.rpm
File outdated by:  RHSA-2012:0086
    MD5: f19acccd901c289a66ca894f0830dcd0
openssl-devel-0.9.7a-43.14.s390.rpm
File outdated by:  RHSA-2012:0086
    MD5: 79dbb4ef618a8aec8878f8ef5bf8cb47
openssl-perl-0.9.7a-43.14.s390.rpm
File outdated by:  RHSA-2012:0086
    MD5: 4b390d89960d1a19a25f42f5d7af77fa
openssl096b-0.9.6b-22.46.s390.rpm
File outdated by:  RHSA-2010:0173
    MD5: 6ad760a809f7f821b62433a8c7afb13a
 
s390x:
openssl-0.9.7a-43.14.s390.rpm
File outdated by:  RHSA-2012:0086
    MD5: f19acccd901c289a66ca894f0830dcd0
openssl-0.9.7a-43.14.s390x.rpm
File outdated by:  RHSA-2012:0086
    MD5: f97c0a205796a8db148638282a582bbf
openssl-devel-0.9.7a-43.14.s390x.rpm
File outdated by:  RHSA-2012:0086
    MD5: 0fdb4a82e29561809e89553b6006d981
openssl-perl-0.9.7a-43.14.s390x.rpm
File outdated by:  RHSA-2012:0086
    MD5: 04b452e3a8516723b12b41d3e047a07f
openssl096b-0.9.6b-22.46.s390.rpm
File outdated by:  RHSA-2010:0173
    MD5: 6ad760a809f7f821b62433a8c7afb13a
 
x86_64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: f0985b8088804e3bd7309b1ca2ca1d21
openssl-devel-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 9a489c77daf969a867f3f18bee4bb6aa
openssl-perl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: d16bd233156bf495de3854d2d915c5c3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 48478bec0a72ec719a31f60ddb376dad
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
openssl-0.9.6b-46.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 8dec955be0bcdb6aae9bc0fc6c832eca
 
IA-32:
openssl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: c28b3f1b264ab2ea1986cf2c0f211437
openssl-0.9.6b-46.i686.rpm
File outdated by:  RHSA-2009:0004
    MD5: fca94acfb677dc9155716d7a779f7ede
openssl-devel-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b2edb35842b91ed24dbee0a739993129
openssl-perl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b502425dd73fdc854d1bbe6f29f65bd8
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
openssl-0.9.7a-33.21.src.rpm
File outdated by:  RHSA-2010:0163
    MD5: a973479e3a45ab875fbc961df839de8e
openssl096b-0.9.6b-16.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 13f3a51b79f3937206cc6a6a8aa6391d
 
IA-32:
openssl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-devel-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: a87c753f7e6405ae8fa0aaebc68385c0
openssl-perl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 31945ca92c89ac970ae6dfb771b62f90
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
 
IA-64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 5651e3de97f42cd855a931b6a80f2de9
openssl-devel-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 57708528d814ff3c8b258d4a80528436
openssl-perl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 71fc44bb49b0d92913663c8cb876e669
 
x86_64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 828ad64a16daf904ee6f670d2ace71cb
openssl-devel-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 3af1217ec416c8960d4be2201592553f
openssl-perl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: ebe87dda7ab2d3c45e955810b09961b7
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: caea4604b3d35b9829093d2221ebd828
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
openssl-0.9.7a-43.14.src.rpm
File outdated by:  RHSA-2012:0086
    MD5: d833a111c7c142e838e21b46c2d3d3ca
openssl096b-0.9.6b-22.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 2294eea329ff59ad7e7b04331c46e485
 
IA-32:
openssl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-devel-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 7591b0a079addeaed3ca622c61b170d2
openssl-perl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: e4b978822f9e39a4b1095690f2de6ab3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
 
IA-64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 73e0d1fb22c73ed95e47257a6da1b129
openssl-devel-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: b0b3d7b2d3772a89f428c868a62da176
openssl-perl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 5dde996b5bac48158eb076686aeab2c4
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 617658bda3b36c2b62810f8fad8bf5ad
 
x86_64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: f0985b8088804e3bd7309b1ca2ca1d21
openssl-devel-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 9a489c77daf969a867f3f18bee4bb6aa
openssl-perl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: d16bd233156bf495de3854d2d915c5c3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 48478bec0a72ec719a31f60ddb376dad
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
openssl-0.9.6b-46.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 8dec955be0bcdb6aae9bc0fc6c832eca
 
IA-32:
openssl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: c28b3f1b264ab2ea1986cf2c0f211437
openssl-0.9.6b-46.i686.rpm
File outdated by:  RHSA-2009:0004
    MD5: fca94acfb677dc9155716d7a779f7ede
openssl-devel-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b2edb35842b91ed24dbee0a739993129
openssl-perl-0.9.6b-46.i386.rpm
File outdated by:  RHSA-2009:0004
    MD5: b502425dd73fdc854d1bbe6f29f65bd8
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
openssl-0.9.7a-33.21.src.rpm
File outdated by:  RHSA-2010:0163
    MD5: a973479e3a45ab875fbc961df839de8e
openssl096b-0.9.6b-16.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 13f3a51b79f3937206cc6a6a8aa6391d
 
IA-32:
openssl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 827852982785bfa3d5df09de6ff75091
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-devel-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: a87c753f7e6405ae8fa0aaebc68385c0
openssl-perl-0.9.7a-33.21.i386.rpm
File outdated by:  RHSA-2010:0163
    MD5: 31945ca92c89ac970ae6dfb771b62f90
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
 
IA-64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 5651e3de97f42cd855a931b6a80f2de9
openssl-devel-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 57708528d814ff3c8b258d4a80528436
openssl-perl-0.9.7a-33.21.ia64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 7d5ed68eb555dc1bcbc4fbabcc5b73ad
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 71fc44bb49b0d92913663c8cb876e669
 
x86_64:
openssl-0.9.7a-33.21.i686.rpm
File outdated by:  RHSA-2010:0163
    MD5: 0ddbef7542c03a39e5b783befa49faf9
openssl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 828ad64a16daf904ee6f670d2ace71cb
openssl-devel-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: 3af1217ec416c8960d4be2201592553f
openssl-perl-0.9.7a-33.21.x86_64.rpm
File outdated by:  RHSA-2010:0163
    MD5: ebe87dda7ab2d3c45e955810b09961b7
openssl096b-0.9.6b-16.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: 471caa16df4173c4e25942bced25dcac
openssl096b-0.9.6b-16.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: caea4604b3d35b9829093d2221ebd828
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
openssl-0.9.7a-43.14.src.rpm
File outdated by:  RHSA-2012:0086
    MD5: d833a111c7c142e838e21b46c2d3d3ca
openssl096b-0.9.6b-22.46.src.rpm
File outdated by:  RHSA-2010:0173
    MD5: 2294eea329ff59ad7e7b04331c46e485
 
IA-32:
openssl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 064f523a3b6f886949031d85902a74e0
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-devel-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: 7591b0a079addeaed3ca622c61b170d2
openssl-perl-0.9.7a-43.14.i386.rpm
File outdated by:  RHSA-2012:0086
    MD5: e4b978822f9e39a4b1095690f2de6ab3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
 
IA-64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 73e0d1fb22c73ed95e47257a6da1b129
openssl-devel-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: b0b3d7b2d3772a89f428c868a62da176
openssl-perl-0.9.7a-43.14.ia64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 5dde996b5bac48158eb076686aeab2c4
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.ia64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 617658bda3b36c2b62810f8fad8bf5ad
 
x86_64:
openssl-0.9.7a-43.14.i686.rpm
File outdated by:  RHSA-2012:0086
    MD5: f2b76677a5e6cc4d2a55e78eb56a4fdb
openssl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: f0985b8088804e3bd7309b1ca2ca1d21
openssl-devel-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: 9a489c77daf969a867f3f18bee4bb6aa
openssl-perl-0.9.7a-43.14.x86_64.rpm
File outdated by:  RHSA-2012:0086
    MD5: d16bd233156bf495de3854d2d915c5c3
openssl096b-0.9.6b-22.46.i386.rpm
File outdated by:  RHSA-2010:0173
    MD5: afb33c059e8edb6b092a5e6ed247d191
openssl096b-0.9.6b-22.46.x86_64.rpm
File outdated by:  RHSA-2010:0173
    MD5: 48478bec0a72ec719a31f60ddb376dad
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
openssl-0.9.6b-46.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 8dec955be0bcdb6aae9bc0fc6c832eca
openssl095a-0.9.5a-32.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: 31991401d1065d4934f00a7cb0b35b30
openssl096-0.9.6-32.src.rpm
File outdated by:  RHSA-2009:0004
    MD5: f2854e9ff45b62b93e8f9cb1b59a05c1
 
IA-64:
openssl-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 910ab86216c49bfd0091f10f77da729c
openssl-devel-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 7f9f4c612988c83a7a42849eee5cd8cd
openssl-perl-0.9.6b-46.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 6741a6cad4ee2bd6971ec6c2ae4744af
openssl095a-0.9.5a-32.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 23953bd1c31641930574c3e72256f026
openssl096-0.9.6-32.ia64.rpm
File outdated by:  RHSA-2009:0004
    MD5: 1a1277a9803202b82258d8e0194bd559
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

206940 - CVE-2006-3738 OpenSSL issues (CVE-2006-4343)
207274 - CVE-2006-2940 OpenSSL Parasitic Public Keys
207276 - CVE-2006-2937 OpenSSL ASN1 DoS


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/