[Security Announce] [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl.
Posted on: 10/02/2006 11:25 PM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:178
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ntp
Date : October 2, 2006
Affected: 2006.0, 2007.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Openssl recently had several vulnerabilities which were patched
(CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built
against a static copy of the SSL libraries. As a precaution an updated
copy built against the new libraries in being made available.
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
98c8d5fa78f53e234fbe25720dd7c64e 2006.0/i586/ntp-4.2.0-21.2.20060mdk.i586.rpm
690334db340a7418fd42f31f3ef0092b 2006.0/i586/ntp-client-4.2.0-21.2.20060mdk.i586.rpm
615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
69b70d3b9c86494a072c1897a41c62a4 2006.0/x86_64/ntp-4.2.0-21.2.20060mdk.x86_64.rpm
55e6f0121357ff75a3963f779b83621f 2006.0/x86_64/ntp-client-4.2.0-21.2.20060mdk.x86_64.rpm
615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm

Mandriva Linux 2007.0:
4b1e5dc60377ee51d9369269a82672b4 2007.0/i586/ntp-4.2.0-31.2mdv2007.0.i586.rpm
6a2eca6a384e49006d39a1d2af6eb4b4 2007.0/i586/ntp-client-4.2.0-31.2mdv2007.0.i586.rpm
b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
9a17e864f1d5d2b5b6990729ea94c371 2007.0/x86_64/ntp-4.2.0-31.2mdv2007.0.x86_64.rpm
d267c0c5bfec9691572555e5147e459d 2007.0/x86_64/ntp-client-4.2.0-31.2mdv2007.0.x86_64.rpm
b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm

Corporate 4.0:
90da334ac6d246c3b62c5ed9734f7047 corporate/4.0/i586/ntp-4.2.0-21.2.20060mlcs4.i586.rpm
ba752440cb884a7451e1f3efc877c9d9 corporate/4.0/i586/ntp-client-4.2.0-21.2.20060mlcs4.i586.rpm
27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
19aaa620b9533f90f145b77ca6bddf2b corporate/4.0/x86_64/ntp-4.2.0-21.2.20060mlcs4.x86_64.rpm
0aeb37acab5364abb19fd6af5cc33f87 corporate/4.0/x86_64/ntp-client-4.2.0-21.2.20060mlcs4.x86_64.rpm
27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFIV//mqjQ0CJFipgRApEqAKDfrtPm9LmOw+FoQffcDyJ5TQ0UnwCdHole
JlZ71gXVFcj6A7k9cyBnzI0=
=T73Y
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdksa_2006178__updated_ntp_packages_rebuilt_against_updated_openssl.html)