lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GUVoS-0005xL-6u@mercury.mandriva.com>
Date: Mon,  2 Oct 2006 15:59:00 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:178
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ntp
 Date    : October 2, 2006
 Affected: 2006.0, 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Openssl recently had several vulnerabilities which were patched
 (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built
 against a static copy of the SSL libraries. As a precaution an updated
 copy built against the new libraries in being made available.
 _______________________________________________________________________

 Updated Packages:
 
 Mandriva Linux 2006.0:
 98c8d5fa78f53e234fbe25720dd7c64e  2006.0/i586/ntp-4.2.0-21.2.20060mdk.i586.rpm
 690334db340a7418fd42f31f3ef0092b  2006.0/i586/ntp-client-4.2.0-21.2.20060mdk.i586.rpm 
 615821f6def15f16d1add3ef4db74584  2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 69b70d3b9c86494a072c1897a41c62a4  2006.0/x86_64/ntp-4.2.0-21.2.20060mdk.x86_64.rpm
 55e6f0121357ff75a3963f779b83621f  2006.0/x86_64/ntp-client-4.2.0-21.2.20060mdk.x86_64.rpm 
 615821f6def15f16d1add3ef4db74584  2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 4b1e5dc60377ee51d9369269a82672b4  2007.0/i586/ntp-4.2.0-31.2mdv2007.0.i586.rpm
 6a2eca6a384e49006d39a1d2af6eb4b4  2007.0/i586/ntp-client-4.2.0-31.2mdv2007.0.i586.rpm 
 b3c8e254ab51edad15cec56a931873f4  2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 9a17e864f1d5d2b5b6990729ea94c371  2007.0/x86_64/ntp-4.2.0-31.2mdv2007.0.x86_64.rpm
 d267c0c5bfec9691572555e5147e459d  2007.0/x86_64/ntp-client-4.2.0-31.2mdv2007.0.x86_64.rpm 
 b3c8e254ab51edad15cec56a931873f4  2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm

 Corporate 4.0:
 90da334ac6d246c3b62c5ed9734f7047  corporate/4.0/i586/ntp-4.2.0-21.2.20060mlcs4.i586.rpm
 ba752440cb884a7451e1f3efc877c9d9  corporate/4.0/i586/ntp-client-4.2.0-21.2.20060mlcs4.i586.rpm 
 27f37e1e3d5ea1b4bd19cfb57a501659  corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 19aaa620b9533f90f145b77ca6bddf2b  corporate/4.0/x86_64/ntp-4.2.0-21.2.20060mlcs4.x86_64.rpm
 0aeb37acab5364abb19fd6af5cc33f87  corporate/4.0/x86_64/ntp-client-4.2.0-21.2.20060mlcs4.x86_64.rpm 
 27f37e1e3d5ea1b4bd19cfb57a501659  corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFIV//mqjQ0CJFipgRApEqAKDfrtPm9LmOw+FoQffcDyJ5TQ0UnwCdHole
JlZ71gXVFcj6A7k9cyBnzI0=
=T73Y
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ