Linux Compatible
  • News
    • Channels
    • Archive
    • Search
    • Submit
  • Articles
    • Categories
  • Knowledgebase
  • Compatibility
    • Search
  • Links
  • Forums
  • Twitter
Advertisement

Latest News
[ Windows | Linux | Apple ]

· Linux-tools Update for Debian 8
· More Linux Kernel Updates for Ubuntu
· Xiaomi Mi Mix 2s Hands-on Review and more
· Chromium, Google Chrome Security Updates for Gentoo Linux
· Initscripts and Patch Updates for Oracle Linux
· ZSH, Roundcube, and xfig Updates for Arch Linux
· PackageKit, hdf5, and VirtualBox Updates for openSUSE
· MySQL and Linux Kernel Updates for Ubuntu Linux
· Ruby Updates for Debian 7 LTS
· ASUS ROG Strix Scar Edition Laptop Review and more

Upcoming News
· Samsung 860 Pro SSD Review @ Vortez
· Raijintek Orcus 240 @ TechPowerUp
· Team Group Cardea Zero 240 GB @ TechPowerUp
· Guru3D Rig of the Month - January 2018
· Cooler Master MK750 Review @ Vortez
· Seagate Skyhawk 10TB SATA III HDD Review
· Vulkan Continues To Show Its Gaming Strength On Low-End Hardware
· Seagate IronWolf ST12000VN0007 12TB Hard Drive Review @ APH Networks
· Sennheiser Game One @ TechPowerUp
· be quiet! Straight Power 11 1000W Power Supply Review

Linux Compatibility
· Brother DCP-L2540DN
· Sound Blaster E5
· WD Elements 500GB external hard drive
· Canon D660U Flatbad scanner
· Umax Astra 4500 USB Scanner
· Logitech QuickCam Pro 4000
· Dell Latitude E6420
· Creative Sound Blaster Z
· Photosmart 5520
· TB-5300 Slimline Design Tablet

New Forum Topics
· Dale
by: Dale Blinco
on: 2018-02-05 00:26
1 replies, 1217 views

· modem driver needed
by: jongiffen777
on: 2017-12-13 11:11
1 replies, 2399 views

· Need a decent browser for XP Pro!
by: percy
on: 2017-12-05 11:02
2 replies, 4282 views

· Comodo Time Machine + Faronics Deep Freeze
by: Jabberwocky
on: 2017-11-15 23:17
1 replies, 2887 views

· Linux compatablity
by: ibme
on: 2017-10-04 18:05
1 replies, 4800 views

News Channels
· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android
· Oracle Linux
· Arch Linux

What's New
Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Linux Compatible » News » June 2008 » USN-612-11: openssl-blacklist update

USN-612-11: openssl-blacklist update

Posted by Bob on: 06/18/2008 10:15 PM [ Print | 0 comment(s) ]

A new openssl-blacklist update update is available for Ubuntu Linux. Here the announcement:




Ubuntu Security Notice USN-612-11 June 18, 2008
openssl-blacklist update
http://www.ubuntu.com/usn/usn-612-1
http://www.ubuntu.com/usn/usn-612-3
http://www.ubuntu.com/usn/usn-612-8
http://www.ubuntu.com/usn/usn-612-9
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
openssl-blacklist 0.3.3+0.4-0ubuntu0.6.06.2
openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.6.06.2

Ubuntu 7.04:
openssl-blacklist 0.3.3+0.4-0ubuntu0.7.04.2
openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.04.2

Ubuntu 7.10:
openssl-blacklist 0.3.3+0.4-0ubuntu0.7.10.2
openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.10.2

Ubuntu 8.04 LTS:
openssl-blacklist 0.3.3+0.4-0ubuntu0.8.04.3
openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.8.04.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-612-3 addressed a weakness in OpenSSL certificate and key
generation and introduced openssl-blacklist to aid in detecting
vulnerable certificates and keys. This update adds RSA-4096
blacklists to the openssl-blacklist-extra package and adjusts
openssl-vulnkey to properly handle RSA-4096 and higher moduli.

Original advisory details:
A weakness has been discovered in the random number generator used
by OpenSSL on Debian and Ubuntu systems. As a result of this
weakness, certain encryption keys are much more common than they
should be, such that an attacker could guess the key through a
brute-force attack given minimal knowledge of the system. This
particularly affects the use of encryption keys in OpenSSH, OpenVPN
and SSL certificates.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.6.06.2.dsc
Size/MD5: 676 ec900c22df66e7da2543082d7123aed7
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.6.06.2.tar.gz
Size/MD5: 32928890 ff8a69186860a3c9bc78c86b51993154

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist-extra_0.3.3+0.4-0ubuntu0.6.06.2_all.deb
Size/MD5: 6317974 c71f0e9dfaf87712672fb52acb55db0d
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.6.06.2_all.deb
Size/MD5: 6333018 e43b4ea20935655041e803064cee6626

Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.04.2.dsc
Size/MD5: 812 71e900154130bd20b4401b6ac2653cdc
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.04.2.tar.gz
Size/MD5: 32928996 37d24b96159aca653515a8aa136f31d3

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist-extra_0.3.3+0.4-0ubuntu0.7.04.2_all.deb
Size/MD5: 6318082 cc4e2c235c71d36653ce1c2ef1b247bc
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.04.2_all.deb
Size/MD5: 6332858 d805a05a0bc674c064256cf26f231881

Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.10.2.dsc
Size/MD5: 812 b62d9f57a2c6f4e3e671a3d9648b1df1
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.10.2.tar.gz
Size/MD5: 32928995 8717c32922e43aaaf7203ccd268b99a8

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist-extra_0.3.3+0.4-0ubuntu0.7.10.2_all.deb
Size/MD5: 6318232 81e856d987468e3fc3a0d6e7e21bf532
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.7.10.2_all.deb
Size/MD5: 6332724 84087c5b3d5a05cf55d415adaf6974f1

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.8.04.3.dsc
Size/MD5: 943 c1d37d2d4a36ba178022fc27ff6a0bdc
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.8.04.3.tar.gz
Size/MD5: 32929040 376d57551e6859b39c2e795284978233

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist-extra_0.3.3+0.4-0ubuntu0.8.04.3_all.deb
Size/MD5: 6318142 0d1c09236b595d8fd8dbe4a617497d2e
http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl=
-blacklist_0.3.3+0.4-0ubuntu0.8.04.3_all.deb
Size/MD5: 6333180 df969f0af29ab3474c9d1d7b119a66a7



--JfVplkuTfB13Rsg5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIWXkRW0JvuRdL8BoRAhbyAJ4/W1FqKrXA8C/yoA1rnmj9tWU+jQCZAd3c
P8hYiKK587KXLlTsOiwp4lg=
=nTar
-----END PGP SIGNATURE-----


Bookmark and Share

« IceClean 3.0.7 · ATI Catalyst 8.6 Proprietary Linux Display Driver »

Linux Compatible » News » June 2008 » USN-612-11: openssl-blacklist update
All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2018 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition