SOL2319 - Insufficient MAC computation in OpenSSH - CAN-2003-0078

Obtaining and installing patches

F5 has released a patch for BIG-IP and 3-DNS versions 4.2 and 4.5. To download the patch, perform the following procedure

1. Open the F5 Downloads page in a browser.
2. Navigate to the BIG-IP >> BIG-IP v4.x >> 4.5.x section.
3. Click CAN-2003-0078 and download theopenssl-so_nx-1.0-2-BSD_OS-4.1.imfile to the**/var/tmp** directory.

Note: The non-crypto version of the patch is the file namedopenssl-so-1.0-2-BSD_OS-4.1.im.
4. Once you have downloaded the patch, install the patch by typing one of the following commands:

Crypto version:

im openssl-so_nx-1.0-2-BSD_OS-4.1.im

Non-crypto version:

im openssl-so-1.0-2-BSD_OS-4.1.im
5. After the patch is installed, type the following command to reboot the controller:

reboot
6. To verify that the upgrade has been properly installed, type the following command:

im -Q | grep openssl

If you installed the crypto version, the following database entry displays.

openssl-so_nx-1.0-2

If you installed the non-crypto version, the following database entry displays:

openssl-so-1.0-2

If you do not see the correct database entry, contact F5 Technical Support for assistance.