openssl-1.0.0-20.AXS4.4, openssl098e-0.9.8e-17.AXS4.2

エラータID: AXSA:2012-535:05

Release date: 
Friday, April 27, 2012 - 20:28
Subject: 
openssl-1.0.0-20.AXS4.4, openssl098e-0.9.8e-17.AXS4.2
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

Security issues fixed with this release:

• CVE-2012-2110
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.

Solution: 

Update packages.

CVEs: 
CVE-2012-2110
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.


Additional Info: 

N/A

Download: 

SRPMS
  1. openssl-1.0.0-20.AXS4.4.src.rpm
    MD5: 38bd5e66704dad421bf406eb4072f051
    SHA-256: 05c53fe624d6b2b9094008ac46daf93ae587858caf5df67bc544b5c31b347944
    Size: 3.26 MB
  2. openssl098e-0.9.8e-17.AXS4.2.src.rpm
    MD5: 5ec28889468502f0a3da104b445f01a7
    SHA-256: e68769822e139c766ded9e41fa92bdddce1cd466e22700282d5d08aa3ebe3abb
    Size: 2.96 MB

Asianux Server 4 for x86
  1. openssl-1.0.0-20.AXS4.4.i686.rpm
    MD5: d6dc35a752cbab97cd5ae03aa4ac883b
    SHA-256: 6b7a5fc7d615158b466653be75f67cc15bf3d5153275db24cb3ecab2a172d72d
    Size: 1.37 MB
  2. openssl-devel-1.0.0-20.AXS4.4.i686.rpm
    MD5: e4557079777f6aab91dfe27f7df0448b
    SHA-256: 30c3d2350f57f71858de1ca1237e0e885ffd1e51dc1555ad9201b8040b400683
    Size: 1.14 MB
  3. openssl098e-0.9.8e-17.AXS4.2.i686.rpm
    MD5: a79ad86ab8d6eeeeb8c188cde561b6d5
    SHA-256: d8cf48846da2dc65993e6ea20d4a3549675567d9df1fee09ed880d2671bd07af
    Size: 772.52 kB

Asianux Server 4 for x86_64
  1. openssl-1.0.0-20.AXS4.4.x86_64.rpm
    MD5: 6a3bb92c50b27afa2ff3f80711e6aa53
    SHA-256: 82aa2ea86d94b5113c5ac1790835a088081e6ddfaf1ab2b8ba81f3d5a4985f4a
    Size: 1.36 MB
  2. openssl-devel-1.0.0-20.AXS4.4.x86_64.rpm
    MD5: 88462656e539c2279ec25ec20b31f374
    SHA-256: 57bbe95f7edd05763ca482ac03a2d21553a32ef14a069a5090cb9ad93d25281b
    Size: 1.14 MB
  3. openssl-1.0.0-20.AXS4.4.i686.rpm
    MD5: d6dc35a752cbab97cd5ae03aa4ac883b
    SHA-256: 6b7a5fc7d615158b466653be75f67cc15bf3d5153275db24cb3ecab2a172d72d
    Size: 1.37 MB
  4. openssl-devel-1.0.0-20.AXS4.4.i686.rpm
    MD5: e4557079777f6aab91dfe27f7df0448b
    SHA-256: 30c3d2350f57f71858de1ca1237e0e885ffd1e51dc1555ad9201b8040b400683
    Size: 1.14 MB
  5. openssl098e-0.9.8e-17.AXS4.2.x86_64.rpm
    MD5: b5017d700cb03d561c18cd6ca69b2477
    SHA-256: 9513ebef7830127f2deb050b860ee4a7915c3f57384abdc847ba5b02e1efd5b0
    Size: 760.24 kB
  6. openssl098e-0.9.8e-17.AXS4.2.i686.rpm
    MD5: a79ad86ab8d6eeeeb8c188cde561b6d5
    SHA-256: d8cf48846da2dc65993e6ea20d4a3549675567d9df1fee09ed880d2671bd07af
    Size: 772.52 kB