openssl 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1231754096
업데이트 : 2009.01.12
상세내용
보안버그 픽스
. CVE-2008-5077:
The Google security team discovered a flaw in the way OpenSSL checked the
verification of certificates. An attacker in control of a malicious server,
or able to effect a "man in the middle" attack, could present a malformed
SSL/TLS signature from a certificate chain to a vulnerable client and
bypass validation.
Autoupdates 지원 : 지원
pkgsysupdate
pkgadd -F "openssl097a*"
update 패키지
RPMS :
. openssl-0.9.6g-14.i686.rpm
. openssl-devel-0.9.6g-14.i686.rpm
. openssl-doc-0.9.6g-14.i686.rpm
. openssl097a-0.9.7a-43.17.noarch.rpm
. openssl097a-devel-0.9.7a-43.17.noarch.rpm
SRPMS :
. openssl097a-0.9.7a-43.17.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
|