AnNyung Official Homepage: Update [ 1.3 ]

openssl097 security update
FTP access is not possible with a web browser.

Document number: 1350747121
Updated: 2012.10.21


Details

The openssl097a package is a compatibility library provided for binaries
that were built to link against the openssl 0.9.7 library, and for build
environments that require openssl 0.9.7.

When building against this library, note the following.

This library was built from openssl 0.9.7a-43.18.el4 of RHEL 4.

1. When including header files:
   change #include <openssl/xxx.h> to #include <openssl097a/xxx.h>.

2. When linking the library:
   change -lssl or -lcrypto to -lssl097a or -lcrypto097a when building.
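
The two build changes above, applied mechanically to source and Makefile text, as an added example that is not part of the original advisory or the AnNyung project's tooling. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: apply the advisory's two build changes to text on stdin.
# Function names and sample lines are constructed for illustration.

INC_RE='^[[:space:]]*#[[:space:]]*include[[:space:]]*<openssl/'
LIB_RE='(^|[^[:alnum:]_])-l(ssl|crypto)([^[:alnum:]_]|$)'

# Step 1: #include <openssl/xxx.h> -> #include <openssl097a/xxx.h>
rewrite_includes() {
    sed -E 's@^([[:space:]]*#[[:space:]]*include[[:space:]]*<)openssl/@\1openssl097a/@'
}

# Step 2: -lssl / -lcrypto -> -lssl097a / -lcrypto097a.
# Already-ported tokens do not match, so the rewrite is idempotent.
# The expression runs twice: a match consumes the separator that an
# adjacent token ("-lssl -lcrypto") needs as its own left boundary.
rewrite_libs() {
    expr_libs="s@${LIB_RE}@\\1-l\\2097a\\3@g"
    sed -E -e "$expr_libs" -e "$expr_libs"
}

# Exit 0 while stdin still references the unversioned headers or libraries,
# i.e. the build would pick up the system OpenSSL instead of openssl097a.
needs_porting() {
    grep -Eq -e "$INC_RE" -e "$LIB_RE"
}

# Constructed sample input (not taken from any real project).
sample_source() {
    printf '%s\n' '#include <stdio.h>' \
                  '#include <openssl/ssl.h>' \
                  '#  include <openssl/err.h>'
}
sample_makefile() {
    printf '%s\n' 'LIBS = -lssl -lcrypto -lz' \
                  'LDFLAGS = -L/usr/lib -lssl097a'
}

sample_source   | rewrite_includes
sample_makefile | rewrite_libs
```

Running `needs_porting` over each file after the rewrite is a quick gate against a build that mixes the compatibility headers with the system libssl or libcrypto.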

Security fix
- CVE-2009-3245
- CVE-2010-4180
- CVE-2011-4619
- CVE-2011-4576

. CVE-2009-3245
OpenSSL before 0.9.8m does not check for a NULL return value from
bn_wexpand function calls in (1) crypto/bn/bn_div.c,
(2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and
(4) engines/e_ubsec.c, which has unspecified impact and
context-dependent attack vectors.

. CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly
prevent modification of the ciphersuite in the session cache, which
allows remote attackers to force the downgrade to an unintended cipher
via vectors involving sniffing network traffic to discover a session
identifier.

. CVE-2011-4619
The Server Gated Cryptography (SGC) implementation in OpenSSL before
0.9.8s and 1.x before 1.0.0f does not properly handle handshake
restarts, which allows remote attackers to cause a denial of service
via unspecified vectors.

. CVE-2011-4576
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before
1.0.0f does not properly initialize data structures for block cipher
padding, which might allow remote attackers to obtain sensitive
information by decrypting the padding data sent by an SSL peer.


Autoupdates support: supported
  pkgsysupdate


Update packages

  RPMS :

    . openssl097a-0.9.7a-43.18.el4.noarch.rpm
    . openssl097a-devel-0.9.7a-43.18.el4.noarch.rpm
    . openssl097a-doc-0.9.7a-43.18.el4.noarch.rpm


  SRPMS :

    . openssl097a-0.9.7a-43.18.el4.src.rpm


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576



    




Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10