Andres Salomon uploaded new packages for openssl which fixed the
following security problems:
CVE-2011-3210
Unsafe thread handling in ECDH ciphersuite allow denial of
service attack.
CVE-2011-1945
Timing attacks against ECDHE_ECDSA private keys.
CVE-2011-0014
Remote denial of service attacks possible or information leak
via malformed handshake messages.
For the lenny-backports distribution the problems have been fixed in
version 0.9.8o-4squeeze4~bpo50+1.
For the stable distribution (squeeze), the problems have been fixed in
version 0.9.8o-4squeeze4.
Attachment:
signature.asc
Description: PGP signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | sparc | openssl | <ย 0.9.8o-4squeeze4 | openssl_0.9.8o-4squeeze4_sparc.deb |
Debian | 6 | s390 | libcrypto0.9.8-udeb | <ย 0.9.8o-4squeeze4 | libcrypto0.9.8-udeb_0.9.8o-4squeeze4_s390.deb |
Debian | 6 | amd64 | libssl-dev | <ย 0.9.8o-4squeeze4 | libssl-dev_0.9.8o-4squeeze4_amd64.deb |
Debian | 6 | ia64 | libssl-dev | <ย 0.9.8o-4squeeze4 | libssl-dev_0.9.8o-4squeeze4_ia64.deb |
Debian | 6 | powerpc | libssl-dev | <ย 0.9.8o-4squeeze4 | libssl-dev_0.9.8o-4squeeze4_powerpc.deb |
Debian | 6 | s390 | libssl-dev | <ย 0.9.8o-4squeeze4 | libssl-dev_0.9.8o-4squeeze4_s390.deb |
Debian | 6 | sparc | libssl0.9.8-dbg | <ย 0.9.8o-4squeeze4 | libssl0.9.8-dbg_0.9.8o-4squeeze4_sparc.deb |
Debian | 6 | mips | libssl-dev | <ย 0.9.8o-4squeeze4 | libssl-dev_0.9.8o-4squeeze4_mips.deb |
Debian | 6 | kfreebsd-i386 | libcrypto0.9.8-udeb | <ย 0.9.8o-4squeeze4 | libcrypto0.9.8-udeb_0.9.8o-4squeeze4_kfreebsd-i386.deb |
Debian | 6 | powerpc | libcrypto0.9.8-udeb | <ย 0.9.8o-4squeeze4 | libcrypto0.9.8-udeb_0.9.8o-4squeeze4_powerpc.deb |