Multiple ASN.1 Parsing Vulnerabilities in OpenSSL

Published: 2003-09-30
Updated: 2003-10-21

Affected systems:
OpenSSL Project OpenSSL 0.9.7b
OpenSSL Project OpenSSL 0.9.7a
OpenSSL Project OpenSSL 0.9.7-beta3
OpenSSL Project OpenSSL 0.9.7-beta2
OpenSSL Project OpenSSL 0.9.7-beta1
OpenSSL Project OpenSSL 0.9.7
OpenSSL Project OpenSSL 0.9.6j
OpenSSL Project OpenSSL 0.9.6i
OpenSSL Project OpenSSL 0.9.6h
OpenSSL Project OpenSSL 0.9.6g
OpenSSL Project OpenSSL 0.9.6e
OpenSSL Project OpenSSL 0.9.6d
OpenSSL Project OpenSSL 0.9.6c
OpenSSL Project OpenSSL 0.9.6b
OpenSSL Project OpenSSL 0.9.6a
OpenSSL Project OpenSSL 0.9.5
OpenSSL Project OpenSSL 0.9.6
    - Caldera OpenLinux Server 3.1.1
    - Caldera OpenLinux Server 3.1
    - Caldera OpenLinux Workstation 3.1.1
    - Caldera OpenLinux Workstation 3.1
    - Conectiva Linux 6.0
    - Mandrake Linux 8.0
    - NetBSD 1.6 beta
    - NetBSD 1.6
    - NetBSD 1.5.3
    - NetBSD 1.5.2
    - NetBSD 1.5.1
    - NetBSD 1.5
    - OpenBSD 2.9
    - RedHat Linux 7.3
    - RedHat Linux 7.2
    - RedHat Linux 7.1
    - RedHat Linux 7.0
    - Trustix Secure Linux 1.5
    - Trustix Secure Linux 1.2
    - Trustix Secure Linux 1.1
Unaffected systems:
OpenSSL Project OpenSSL 0.9.7c
OpenSSL Project OpenSSL 0.9.6k
Description:
BUGTRAQ  ID: 8732

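OpenSSL is an open-source SSL implementation that provides strong encryption for network communications and is now widely used in many network applications.

The ASN.1 parsing code in OpenSSL contains multiple flaws that a remote attacker can exploit to cause a denial of service or execute arbitrary code.

The issues are as follows:

1. Certain ASN.1 encodings are rejected by the parser as invalid; handling the corresponding data structure then triggers a bug that corrupts the stack. This can be used for a remote denial of service. It is not yet known whether it can be used to execute arbitrary code. This issue does not affect OpenSSL 0.9.6.

2. Incorrect ASN.1 tag values can, under certain conditions, cause an out-of-bounds read (an integer overflow issue), which can lead to a denial of service.

3. If the application is set to ignore public key decoding errors, a certificate containing a malformed public key will crash the service. Public key decoding errors are not normally ignored (except when debugging). It is not yet known whether this can be exploited to execute arbitrary code.

4. Because of an error in SSL/TLS protocol handling, a server will parse a client certificate even when it has not requested one. Strictly speaking this is not a vulnerability, but it means that SSL/TLS servers using OpenSSL can be attacked through issues 1, 2 and 3 even when client authentication is not enabled.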

<*Source: NISCC (uniras@niscc.gov.uk)
          Stephen Henson

  Links: http://www.openssl.org/news/secadv_20030930.txt
         http://www.cert.org/advisories/CA-2003-26.html
         ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-017.txt.asc
         http://www.debian.org/security/2003/dsa-394
*>

Recommendations:
Vendor patches:

Debian
------
Debian has released a security advisory (DSA-394-1) and corresponding patches for this issue:
DSA-394-1: New openssl095 packages fix denial of service
Link: http://www.debian.org/security/2002/dsa-394

Patch downloads:

Source archives:

http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.3.dsc
Size/MD5 checksum:      631 ba6e597ab2db2984aef6c2a765ac29c0
http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.3.diff.gz
Size/MD5 checksum:    38851 6b197111a7068a7ea29ef55176771d89
http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a.orig.tar.gz
Size/MD5 checksum:  1892089 99d22f1d4d23ff8b927f94a9df3997b4

Alpha architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_alpha.deb
Size/MD5 checksum:   497152 fe3d6854382f8dbe2d10f3f5700dd8f6

ARM architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_arm.deb
Size/MD5 checksum:   402498 551b79fbb80903f174d6edeffd9869df

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_i386.deb
Size/MD5 checksum:   399752 2a856ac6b45d41beb0bf78880b236966

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_m68k.deb
Size/MD5 checksum:   376738 980e428e9b913672d939ebe77c18cd6d

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_mips.deb
Size/MD5 checksum:   412624 b8c7cc0b4dcbf1cf03480b93c78cd610

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_mipsel.deb
Size/MD5 checksum:   407388 de02385580cf33c344c1ffadcf8aed88

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_powerpc.deb
Size/MD5 checksum:   425452 c3d04af89c64e6e9f0175e6cd4997058

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_sparc.deb
Size/MD5 checksum:   412196 ae1181c2873a304c583800459da53e5a





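Patch installation:

1. Install the patch package manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch package automatically with apt-get:

   First, update the internal package database with the following command:
   # apt-get update

   Then install the updated packages with the following command:
   # apt-get upgrade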

HP
--
http://www.debian.org/security/2003/dsa-394

MandrakeSoft
------------
The vendor has released upgrade patches that fix this security issue; download them from the vendor's home page:

MandrakeSoft Corporate Server 2.1 x86_64:

Mandrake Upgrade libopenssl0-0.9.6i-1.6.90mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1/x86_64 FTP Folder: x86_64/corporate/2.1/RPMS/

Mandrake Upgrade libopenssl0-devel-0.9.6i-1.6.90mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1/x86_64 FTP Folder: x86_64/corporate/2.1/RPMS/

Mandrake Upgrade libopenssl0-static-devel-0.9.6i-1.6.90mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1/x86_64 FTP Folder: x86_64/corporate/2.1/RPMS/

Mandrake Upgrade openssl-0.9.6i-1.6.90mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1/x86_64 FTP Folder: x86_64/corporate/2.1/RPMS/

MandrakeSoft Corporate Server 2.1:

Mandrake Upgrade libopenssl0-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1 FTP Folder: corporate/2.1/RPMS/

Mandrake Upgrade libopenssl0-devel-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1 FTP Folder: corporate/2.1/RPMS/

Mandrake Upgrade libopenssl0-static-devel-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1 FTP Folder: corporate/2.1/RPMS/

Mandrake Upgrade openssl-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1 FTP Folder: corporate/2.1/RPMS/

MandrakeSoft Multi Network Firewall 8.2:

Mandrake Upgrade libopenssl0-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Multi Network Firewall 8.2 FTP Folder: mnf8.2/RPMS/

Mandrake Upgrade openssl-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Multi Network Firewall 8.2 FTP Folder: mnf8.2/RPMS/

MandrakeSoft Linux Mandrake 8.2:

Mandrake Upgrade libopenssl0-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2 FTP Folder: 8.2/RPMS/

Mandrake Upgrade libopenssl0-devel-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2 FTP Folder: 8.2/RPMS/

Mandrake Upgrade libopenssl0-static-devel-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2 FTP Folder: 8.2/RPMS/

Mandrake Upgrade openssl-0.9.6i-1.5.82mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2 FTP Folder: 8.2/RPMS/

MandrakeSoft Linux Mandrake 9.0:

Mandrake Upgrade libopenssl0-devel-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0 FTP Folder: 9.0/RPMS/

Mandrake Upgrade libopenssl0-static-devel-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0 FTP Folder: 9.0/RPMS/

Mandrake Upgrade openssl-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0 FTP Folder: 9.0/RPMS/

Mandrake Upgrade libopenssl0-0.9.6i-1.6.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0 FTP Folder: 9.0/RPMS/

MandrakeSoft Linux Mandrake 9.1 ppc:

Mandrake Upgrade libopenssl0-0.9.6i-1.2.91mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC FTP Folder: ppc/9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-0.9.7a-1.2.91mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC FTP Folder: ppc/9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-devel-0.9.7a-1.2.91mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC FTP Folder: ppc/9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-static-devel-0.9.7a-1.2.91mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC FTP Folder: ppc/9.1/RPMS/

Mandrake Upgrade openssl-0.9.7a-1.2.91mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC FTP Folder: ppc/9.1/RPMS/

MandrakeSoft Linux Mandrake 9.1:

Mandrake Upgrade libopenssl0-0.9.6i-1.2.91mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1 FTP Folder: 9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-0.9.7a-1.2.91mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1 FTP Folder: 9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-devel-0.9.7a-1.2.91mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1 FTP Folder: 9.1/RPMS/

Mandrake Upgrade libopenssl0.9.7-static-devel-0.9.7a-1.2.91mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1 FTP Folder: 9.1/RPMS/

Mandrake Upgrade openssl-0.9.7a-1.2.91mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1 FTP Folder: 9.1/RPMS/

MandrakeSoft Linux Mandrake 9.2:

Mandrake Upgrade libopenssl0.9.7-0.9.7b-4.1.92mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.2 FTP Folder: 9.2/RPMS/

Mandrake Upgrade libopenssl0.9.7-devel-0.9.7b-4.1.92mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.2 FTP Folder: 9.2/RPMS/

Mandrake Upgrade libopenssl0.9.7-static-devel-0.9.7b-4.1.92mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.2 FTP Folder: 9.2/RPMS/

Mandrake Upgrade openssl-0.9.7b-4.1.92mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.2 FTP Folder: 9.2/RPMS/

NetBSD
------
NetBSD has released a security advisory (NetBSD-SA2003-017) and corresponding patches for this issue:
NetBSD-SA2003-017: OpenSSL multiple vulnerabilities
Link: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-017.txt.asc

Patch downloads:

OpenSSL Project
---------------
The vendor has released upgrade patches that fix this security issue; download them from the vendor's home page:

OpenSSL Project OpenSSL 0.9.6 j:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 i:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 h:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 g:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 e:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 d:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 c:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 b:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6 a:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.6:

OpenSSL Project Upgrade OpenSSL 0.9.6k
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7 beta3:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7 beta2:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7 beta1:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7 b:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7 a:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

OpenSSL Project OpenSSL 0.9.7:

OpenSSL Project Upgrade OpenSSL 0.9.7c
http://www.openssl.org/source/

RedHat
------
The vendor has released upgrade patches that fix this security issue; download them from the vendor's home page:

Red Hat Upgrade openssl095a-0.9.5a-23.7.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl095a-0.9.5a-23.7.3.i386.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.7.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/openssl095a-0.9.5a-23.7.1.ppc.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.7.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/openssl095a-0.9.5a-23.7.1.ppc.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.7.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssl095a-0.9.5a-23.7.3.i386.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.7.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssl095a-0.9.5a-23.7.3.ia64.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssl095a-0.9.5a-23.7.3.i386.rpm

Red Hat Upgrade openssl095a-0.9.5a-23.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssl095a-0.9.5a-23.8.i386.rpm

Red Hat Upgrade openssl-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssl-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-devel-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssl-devel-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-perl-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssl-perl-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-0.9.6b-35.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssl-0.9.6b-35.7.ia64.rpm

Red Hat Upgrade openssl-devel-0.9.6b-35.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssl-devel-0.9.6b-35.7.ia64.rpm

Red Hat Upgrade openssl-perl-0.9.6b-35.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssl-perl-0.9.6b-35.7.ia64.rpm

Red Hat Upgrade openssl-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssl-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-devel-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssl-devel-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-perl-0.9.6b-35.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssl-perl-0.9.6b-35.7.i386.rpm

Red Hat Upgrade openssl-0.9.6b-35.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/openssl-0.9.6b-35.7.i686.rpm

Red Hat Upgrade openssl-0.9.6b-35.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssl-0.9.6b-35.8.i386.rpm

Red Hat Upgrade openssl-devel-0.9.6b-35.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssl-devel-0.9.6b-35.8.i386.rpm

Red Hat Upgrade openssl-perl-0.9.6b-35.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssl-perl-0.9.6b-35.8.i386.rpm

Red Hat Upgrade openssl-0.9.6b-35.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/openssl-0.9.6b-35.8.i686.rpm

Red Hat Upgrade openssl096b-0.9.6b-12.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl096b-0.9.6b-12.i386.rpm

Red Hat Upgrade openssl-0.9.6-19.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-0.9.6-19.i386.rpm

Red Hat Upgrade openssl-devel-0.9.6-19.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-devel-0.9.6-19.i386.rpm

Red Hat Upgrade openssl-perl-0.9.6-19.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-perl-0.9.6-19.i386.rpm

Red Hat Upgrade openssl-python-0.9.6-19.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-python-0.9.6-19.i386.rpm

Red Hat Upgrade openssl-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/openssl-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-devel-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/openssl-devel-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-perl-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/openssl-perl-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-python-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/openssl-python-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/openssl-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-devel-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/openssl-devel-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-perl-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/openssl-perl-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl-python-0.9.6-19.1.ppc.rpm
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/openssl-python-0.9.6-19.1.ppc.rpm

Red Hat Upgrade openssl096-0.9.6-23.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssl096-0.9.6-23.7.i386.rpm

Red Hat Upgrade openssl096-0.9.6-23.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssl096-0.9.6-23.7.ia64.rpm

Red Hat Upgrade openssl096-0.9.6-23.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssl096-0.9.6-23.7.i386.rpm

Red Hat Upgrade openssl096-0.9.6-23.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssl096-0.9.6-23.8.i386.rpm

Red Hat Upgrade openssl096-0.9.6-23.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl096-0.9.6-23.9.i386.rpm

Red Hat Upgrade openssl-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-0.9.7a-20.i386.rpm

Red Hat Upgrade openssl-devel-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-devel-0.9.7a-20.i386.rpm

Red Hat Upgrade openssl-perl-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-perl-0.9.7a-20.i386.rpm

Red Hat Upgrade openssl-0.9.7a-20.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/openssl-0.9.7a-20.i686.rpm

S.u.S.E.
--------
The vendor has released upgrade patches that fix this security issue; download them from the vendor's home page:

S.u.S.E. Upgrade openssl-0.9.6i-19.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-19.i586.rpm
Upgrade for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Patch openssl-0.9.6i-19.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-19.i586.patch.rpm
Patch for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Upgrade openssl-doc-0.9.6i-19.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-doc-0.9.6i-19.i586.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Patch openssl-doc-0.9.6i-19.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-doc-0.9.6i-19.i586.patch.rpm
openssl-doc: Patch for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Upgrade openssl-devel-0.9.6i-19.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-19.i586.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Patch openssl-devel-0.9.6i-19.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-19.i586.patch.rpm
openssl-devel: Patch for Intel i386 Platform, SuSE-8.2.

S.u.S.E. Upgrade openssl-0.9.6g-99.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-99.i586.rpm
Upgrade for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Patch openssl-0.9.6g-99.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-99.i586.patch.rpm
Patch for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Upgrade openssl-doc-0.9.6g-99.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-doc-0.9.6g-99.i586.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Patch openssl-doc-0.9.6g-99.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-doc-0.9.6g-99.i586.patch.rpm
openssl-doc: Patch for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Upgrade openssl-devel-0.9.6g-99.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-99.i586.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Patch openssl-devel-0.9.6g-99.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-99.i586.patch.rpm
openssl-devel: Patch for Intel i386 Platform, SuSE-8.1.

S.u.S.E. Upgrade openssl-0.9.6c-86.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec1/openssl-0.9.6c-86.i386.rpm
Upgrade for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Patch openssl-0.9.6c-86.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec1/openssl-0.9.6c-86.i386.patch.rpm
Patch for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Upgrade openssl-doc-0.9.6c-86.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/doc4/openssl-doc-0.9.6c-86.i386.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Patch openssl-doc-0.9.6c-86.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/doc4/openssl-doc-0.9.6c-86.i386.patch.rpm
openssl-doc: Patch for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Upgrade openssl-devel-0.9.6c-86.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/openssl-devel-0.9.6c-86.i386.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Patch openssl-devel-0.9.6c-86.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/openssl-devel-0.9.6c-86.i386.patch.rpm
openssl-devel: Patch for Intel i386 Platform, SuSE-8.0.

S.u.S.E. Upgrade openssl-0.9.6b-158.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec1/openssl-0.9.6b-158.i386.rpm
Upgrade for Intel i386 Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-0.9.6b-90.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/sec1/openssl-0.9.6b-90.sparc.rpm
Upgrade for Sparc Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-0.9.6b-151.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec1/openssl-0.9.6b-151.ppc.rpm
Upgrade for PPC Power PC Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-doc-0.9.6b-158.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/doc3/openssl-doc-0.9.6b-158.i386.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-doc-0.9.6b-90.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/doc3/openssl-doc-0.9.6b-90.sparc.rpm
openssl-doc: Upgrade for Sparc Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-doc-0.9.6b-151.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/doc3/openssl-doc-0.9.6b-151.ppc.rpm
openssl-doc: Upgrade for PPC Power PC Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-devel-0.9.6b-158.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/d2/openssl-devel-0.9.6b-158.i386.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-devel-0.9.6b-90.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/d2/openssl-devel-0.9.6b-90.sparc.rpm
openssl-devel: Upgrade for Sparc Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-devel-0.9.6b-151.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/d2/openssl-devel-0.9.6b-151.ppc.rpm
openssl-devel: Upgrade for PPC Power PC Platform, SuSE-7.3.

S.u.S.E. Upgrade openssl-0.9.6a-83.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec1/openssl-0.9.6a-83.i386.rpm
Upgrade for Intel i386 Platform, SuSE-7.2.

S.u.S.E. Upgrade openssl-doc-0.9.6a-83.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/doc3/openssl-doc-0.9.6a-83.i386.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-7.2.

S.u.S.E. Upgrade openssl-devel-0.9.6a-83.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/d2/openssl-devel-0.9.6a-83.i386.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-7.2.

S.u.S.E. Upgrade openssl-0.9.7b-71.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-71.i586.rpm
Upgrade for Intel i386 Platform, SuSE-9.0.

S.u.S.E. Patch openssl-0.9.7b-71.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-71.i586.patch.rpm
Patch for Intel i386 Platform, SuSE-9.0.

S.u.S.E. Upgrade openssl-doc-0.9.7b-71.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-doc-0.9.7b-71.i586.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-9.0.

S.u.S.E. Patch openssl-doc-0.9.7b-71.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-doc-0.9.7b-71.i586.patch.rpm
openssl-doc: Patch for Intel i386 Platform, SuSE-9.0.

S.u.S.E. Upgrade openssl-devel-0.9.7b-71.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-71.i586.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-9.0.

S.u.S.E. Patch openssl-devel-0.9.7b-71.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-71.i586.patch.rpm
openssl-devel: Patch for Intel i386 Platform, SuSE-9.0.

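This vulnerability advisory was translated and compiled by NSFOCUS (绿盟科技). All rights reserved; reproduction without permission is prohibited.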