openssl-1.0.1e-42.AXS4.4

エラータID: AXSA:2016-119:02

Release date: 
Wednesday, March 2, 2016 - 00:04
Subject: 
openssl-1.0.1e-42.AXS4.4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Security issues fixed with this release:

CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f
does not prevent use of disabled ciphers, which makes it easier for
man-in-the-middle attackers to defeat cryptographic protection
mechanisms by performing computations on SSLv2 traffic, related to the
get_client_master_key and get_client_hello functions.
CVE-2016-0702
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-0705
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-0797
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-0800
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. openssl-1.0.1e-42.AXS4.4.src.rpm
    MD5: e764f6313985437a0cfba0315bcc185a
    SHA-256: 70e8790ef0fa6581a9318194a238ee3293f70e4aca0198eb798d79a8f377602b
    Size: 3.07 MB

Asianux Server 4 for x86
  1. openssl-1.0.1e-42.AXS4.4.i686.rpm
    MD5: 663d90bf0b4be493d849d4683c3bc029
    SHA-256: 00c947d4df885dd0e7a512f396a3e4896e2bdf538e8fe3f87e9b8c3e145c9caa
    Size: 1.51 MB
  2. openssl-devel-1.0.1e-42.AXS4.4.i686.rpm
    MD5: 8074b387ea4dcfad707176c1b8d1b934
    SHA-256: a5696957bec47594d9a160e5bc2336891a9543a16fdec591b217759f5d52a741
    Size: 1.17 MB

Asianux Server 4 for x86_64
  1. openssl-1.0.1e-42.AXS4.4.x86_64.rpm
    MD5: 2c6f9d85965896cbce410b21de29383c
    SHA-256: 247f8fcf80d15e33335efb2986ff631d20d309253d6475c3e18fa4f4c2084bd4
    Size: 1.52 MB
  2. openssl-devel-1.0.1e-42.AXS4.4.x86_64.rpm
    MD5: de6ffcac5e560004a2621311c0059cff
    SHA-256: 3ac7a06101ce6ee6690fbf44bb8704c18a9560b74b3866bd9df6233d2c661ce1
    Size: 1.17 MB
  3. openssl-1.0.1e-42.AXS4.4.i686.rpm
    MD5: 663d90bf0b4be493d849d4683c3bc029
    SHA-256: 00c947d4df885dd0e7a512f396a3e4896e2bdf538e8fe3f87e9b8c3e145c9caa
    Size: 1.51 MB
  4. openssl-devel-1.0.1e-42.AXS4.4.i686.rpm
    MD5: 8074b387ea4dcfad707176c1b8d1b934
    SHA-256: a5696957bec47594d9a160e5bc2336891a9543a16fdec591b217759f5d52a741
    Size: 1.17 MB