mystified Posted August 5, 2004 Report Share Posted August 5, 2004 Mandrakesoft Security Advisories Package name mod_ssl Date July 27th, 2004 Advisory ID MDKSA-2004:075 Affected versions 9.1, 9.2, 10.0, MNF8.2, CS2.1 Synopsis Updated mod_ssl packages fix potential vulnerabilities Problem Description Ralf S. Engelschall found a remaining risky call to ssl_log while reviewing code for another issue reported by Virulent. The updated packages are patched to correct the problem. Updated Packages Mandrakelinux 9.1 e58304a3bbc0581e643e5609e95b8230 9.1/RPMS/mod_ssl-2.8.12-8.2.91mdk.i586.rpm c752c0ae8d6d034eb61c1a967e0e50f0 9.1/SRPMS/mod_ssl-2.8.12-8.2.91mdk.src.rpm Mandrakelinux 9.1/PPC c3ad8be79ca34e4a08d9d50d8c0e2178 ppc/9.1/RPMS/mod_ssl-2.8.12-8.2.91mdk.ppc.rpm c752c0ae8d6d034eb61c1a967e0e50f0 ppc/9.1/SRPMS/mod_ssl-2.8.12-8.2.91mdk.src.rpm Mandrakelinux 9.2 51a525a5e2da3af2812d6f502dcb55ea 9.2/RPMS/mod_ssl-2.8.15-1.2.92mdk.i586.rpm faf4f30d6757b581b407e6dc645e17c0 9.2/SRPMS/mod_ssl-2.8.15-1.2.92mdk.src.rpm Mandrakelinux 9.2/AMD64 daf5b6b738aa5010619fc2cdf8817112 amd64/9.2/RPMS/mod_ssl-2.8.15-1.2.92mdk.amd64.rpm faf4f30d6757b581b407e6dc645e17c0 amd64/9.2/SRPMS/mod_ssl-2.8.15-1.2.92mdk.src.rpm Mandrakelinux 10.0 67b5f2830144f4f23252c6e790024913 10.0/RPMS/mod_ssl-2.8.16-1.2.100mdk.i586.rpm bc3d01ea44136b134f465f9477f4907c 10.0/SRPMS/mod_ssl-2.8.16-1.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64 0e20fd551d0db86fb01bf1cac1fc0d00 amd64/10.0/RPMS/mod_ssl-2.8.16-1.2.100mdk.amd64.rpm bc3d01ea44136b134f465f9477f4907c amd64/10.0/SRPMS/mod_ssl-2.8.16-1.2.100mdk.src.rpm Multi Network Firewall 8.2 03dd0105896ff42ed4cd1fe48d3f62d7 mnf8.2/RPMS/mod_ssl-2.8.7-3.4.M82mdk.i586.rpm 7c306e82940c73410ccf8e9bb635adea mnf8.2/SRPMS/mod_ssl-2.8.7-3.4.M82mdk.src.rpm Corporate Server 2.1 ced0b61893293095a5f229728e4cbdb2 corporate/2.1/RPMS/mod_ssl-2.8.10-5.4.C21mdk.i586.rpm 543976686dac61408092c2d90faf45be corporate/2.1/SRPMS/mod_ssl-2.8.10-5.4.C21mdk.src.rpm Corporate Server 2.1/X86_64 200c8254e7bbd46c8f9d5288803d33a1 x86_64/corporate/2.1/RPMS/mod_ssl-2.8.10-5.4.C21mdk.x86_64.rpm 543976686dac61408092c2d90faf45be x86_64/corporate/2.1/SRPMS/mod_ssl-2.8.10-5.4.C21mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0700 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you. Link to comment Share on other sites More sharing options...
Recommended Posts