| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Oct 2006 15:59:00 -0600 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:178 http://www.mandriva.com/security/ _______________________________________________________________________ Package : ntp Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available. _______________________________________________________________________ Updated Packages: Mandriva Linux 2006.0: 98c8d5fa78f53e234fbe25720dd7c64e 2006.0/i586/ntp-4.2.0-21.2.20060mdk.i586.rpm 690334db340a7418fd42f31f3ef0092b 2006.0/i586/ntp-client-4.2.0-21.2.20060mdk.i586.rpm 615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: 69b70d3b9c86494a072c1897a41c62a4 2006.0/x86_64/ntp-4.2.0-21.2.20060mdk.x86_64.rpm 55e6f0121357ff75a3963f779b83621f 2006.0/x86_64/ntp-client-4.2.0-21.2.20060mdk.x86_64.rpm 615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm Mandriva Linux 2007.0: 4b1e5dc60377ee51d9369269a82672b4 2007.0/i586/ntp-4.2.0-31.2mdv2007.0.i586.rpm 6a2eca6a384e49006d39a1d2af6eb4b4 2007.0/i586/ntp-client-4.2.0-31.2mdv2007.0.i586.rpm b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: 9a17e864f1d5d2b5b6990729ea94c371 2007.0/x86_64/ntp-4.2.0-31.2mdv2007.0.x86_64.rpm d267c0c5bfec9691572555e5147e459d 2007.0/x86_64/ntp-client-4.2.0-31.2mdv2007.0.x86_64.rpm b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm Corporate 4.0: 90da334ac6d246c3b62c5ed9734f7047 corporate/4.0/i586/ntp-4.2.0-21.2.20060mlcs4.i586.rpm ba752440cb884a7451e1f3efc877c9d9 corporate/4.0/i586/ntp-client-4.2.0-21.2.20060mlcs4.i586.rpm 27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm Corporate 4.0/X86_64: 19aaa620b9533f90f145b77ca6bddf2b corporate/4.0/x86_64/ntp-4.2.0-21.2.20060mlcs4.x86_64.rpm 0aeb37acab5364abb19fd6af5cc33f87 corporate/4.0/x86_64/ntp-client-4.2.0-21.2.20060mlcs4.x86_64.rpm 27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFFIV//mqjQ0CJFipgRApEqAKDfrtPm9LmOw+FoQffcDyJ5TQ0UnwCdHole JlZ71gXVFcj6A7k9cyBnzI0= =T73Y -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists