[Full-Disclosure] Re: [RHSA-2003:062-11] Updated OpenSSL packages fix timing attack

From: Ricardo Núñez (rinunez@usb.ve)
Date: 03/06/03

Next message: security@caldera.com: "Security Update: [CSSA-2003-SCO.4] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : Lax permissions on /dev/X"

Previous message: bugzilla@redhat.com: "[Full-Disclosure] [RHSA-2003:039-06] Updated im packages fix insecure handling of temporary files"
In reply to: bugzilla@redhat.com: "[Full-Disclosure] [RHSA-2003:062-11] Updated OpenSSL packages fix timing attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Ricardo Núñez <rinunez@usb.ve>
To: redhat-announce-list@redhat.com, redhat-announce-list-admin@redhat.com
Date: Thu,  6 Mar 2003 11:48:58 -0400

Dear Gentlemen,

Mensaje citado por redhat-announce-list-admin@redhat.com:

> ---------------------------------------------------------------------
> Red Hat, Inc. Red Hat Security Advisory
>
> Synopsis: Updated OpenSSL packages fix timing attack
> Advisory ID: RHSA-2003:062-11
> Issue date: 2003-02-19
> Updated on: 2003-03-06
> Product: Red Hat Linux

>
> Red Hat Linux 6.2:
>
> SRPMS:
> ftp://updates.redhat.com/6.2/en/os/SRPMS/openssl-0.9.5a-30.src.rpm
>
> i386:
> ftp://updates.redhat.com/6.2/en/os/i386/openssl-0.9.5a-30.i386.rpm
> ftp://updates.redhat.com/6.2/en/os/i386/openssl-devel-0.9.5a-30.i386.rpm
> ftp://updates.redhat.com/6.2/en/os/i386/openssl-perl-0.9.5a-30.i386.rpm
> ftp://updates.redhat.com/6.2/en/os/i386/openssl-python-0.9.5a-30.i386.rpm
>

What about sparc version?

> Red Hat Linux 7.0:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: security@caldera.com: "Security Update: [CSSA-2003-SCO.4] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : Lax permissions on /dev/X"

Previous message: bugzilla@redhat.com: "[Full-Disclosure] [RHSA-2003:039-06] Updated im packages fix insecure handling of temporary files"
In reply to: bugzilla@redhat.com: "[Full-Disclosure] [RHSA-2003:062-11] Updated OpenSSL packages fix timing attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [Full-disclosure] List of Fuzzers
... int authenticate(char* username, char* password) { ... that fuzzing has its limitations (that can be fixed and applied like ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... I see "Which fuzzer on this list will help me find the most ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)