AnNyung Official Homepage Home > Update [ 1.3 ]  

What is AnNyung
Packages System
White Paper
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]

  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15

openssl097 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1350747121
업데이트 : 2012.10.21


openssl097a 패키지는 openssl 0.9.7 library 를 link 하도록 빌드된
바이너리나 openssl 0.9.7 을 요구하는 빌드환경을 위하여 제공되는
호환 라이브러리 입니다.

이 라이브러리를 이용하여 빌드를 할 경우에는 다음의 사항을 주의해야

이 라이브러리는 RHEL 4 의 openssl 0.9.7a-43.18.el4 를 이용하여 작성이 되었

1. header file include 시..
   #include <openssl/xxx.h> 를 #include <openssl097a/xxx.h> 로 수정해야

2. library 링크시..
   -lssl 이나 -lcrypto 의 경우 -lssl097a 나 -lcrypto097a 로 수정해서 빌드
   해야 합니다.

Security fix
- CVE-2009-3245
- CVE-2010-4180
- CVE-2011-4619
- CVE-2011-4576

. CVE-2009-3245
OpenSSL before 0.9.8m does not check for a NULL return value from
bn_wexpand function calls in (1) crypto/bn/bn_div.c,
(2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and
(4) engines/e_ubsec.c, which has unspecified impact and
context-dependent attack vectors.

. CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly
prevent modification of the ciphersuite in the session cache, which
allows remote attackers to force the downgrade to an unintended cipher
via vectors involving sniffing network traffic to discover a session

. CVE-2011-4619
The Server Gated Cryptography (SGC) implementation in OpenSSL before
0.9.8s and 1.x before 1.0.0f does not properly handle handshake
restarts, which allows remote attackers to cause a denial of service
via unspecified vectors.

. CVE-2011-4576
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before
1.0.0f does not properly initialize data structures for block cipher
padding, which might allow remote attackers to obtain sensitive
information by decrypting the padding data sent by an SSL peer.

Autoupdates 지원 : 지원

update 패키지

  RPMS :

    . openssl097a-0.9.7a-43.18.el4.noarch.rpm
    . openssl097a-devel-0.9.7a-43.18.el4.noarch.rpm
    . openssl097a-doc-0.9.7a-43.18.el4.noarch.rpm


    . openssl097a-0.9.7a-43.18.el4.src.rpm

참고 :


 Home > Update [ 1.3 ]

Copyright 2023 OOPS Development Organization 
LAST MODIFIED: 2018/04/10