Ubuntu update for openssl - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Ubuntu update for openssl

Secunia Advisory:	SA30221
Release Date:	2008-05-13
Last Update:	2008-06-19

Critical:	Moderately critical
Impact:	Security Bypass
Where:	From remote
Solution Status:	Vendor Patch

OS:	Ubuntu Linux 7.04 Ubuntu Linux 7.10 Ubuntu Linux 8.04


CVE reference:	CVE-2008-0166 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Ubuntu has issued an update for openssl. This fixes a security issue, which can lead to weak cryptographic key material. For more information see vulnerability #1 in: SA30220 Solution: Apply updated packages and recreate all cryptographic key material (see vendor advisory for more information). -- Ubuntu 7.04 -- Source archives: http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8c-4ubuntu0.3.diff.gz Size/MD5: 55960 f1528622672403589e0d3aac4091e3b7 http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8c-4ubuntu0.3.dsc Size/MD5: 899 24ce07dd1372b34976caa4e703b48254 http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8c.orig.tar.gz Size/MD5: 3313857 78454bec556bcb4c45129428a766c886 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8c-4ubuntu0.3_amd64.udeb Size/MD5: 604324 c67285c8c9831d7d688930bf3403070e http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8c-4ubuntu0.3_amd64.deb Size/MD5: 2186920 ebfec7f633c445ae170b06acb039175c http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8c-4ubuntu0.3_amd64.deb Size/MD5: 1645270 3c37713de4ad97e6eb675f9f8a9b3ddd http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8c-4ubuntu0.3_amd64.deb Size/MD5: 918170 c282b7478265a81019e771a382ec99cd http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8c-4ubuntu0.3_amd64.deb Size/MD5: 1006504 a199460e3209b03f454afa205abbd979 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8c-4ubuntu0.3_i386.udeb Size/MD5: 569520 9441a49f438e5c0c77c70f9c50b3acee http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8c-4ubuntu0.3_i386.deb Size/MD5: 2068628 152dc5bd9d6edb669be2a4d88fdc9126 http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8c-4ubuntu0.3_i386.deb Size/MD5: 5499922 4e07a86c1f4930411fffc25cb330f683 http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8c-4ubuntu0.3_i386.deb Size/MD5: 2809850 dd17842504c08b5a09e7ec15dee20f8b http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8c-4ubuntu0.3_i386.deb Size/MD5: 1001316 f823d1e7c4ea63e976fd129a2bfe5fed powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/poo...8-udeb_0.9.8c-4ubuntu0.3_powerpc.udeb Size/MD5: 617086 d8158b21c17afbd21460dfee4a001194 http://security.ubuntu.com/ubuntu/poo...ssl-dev_0.9.8c-4ubuntu0.3_powerpc.deb Size/MD5: 2217842 90507ac4c5dce8110853c8e71c366004 http://security.ubuntu.com/ubuntu/poo...9.8-dbg_0.9.8c-4ubuntu0.3_powerpc.deb Size/MD5: 1705352 d2ac68501fc799a5033824d204ac0175 http://security.ubuntu.com/ubuntu/poo...sl0.9.8_0.9.8c-4ubuntu0.3_powerpc.deb Size/MD5: 939544 1e6af8a9427957566434357f346096d9 http://security.ubuntu.com/ubuntu/poo...openssl_0.9.8c-4ubuntu0.3_powerpc.deb Size/MD5: 1014948 b6c5a7b2c97df56cff30d1797490705f sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8c-4ubuntu0.3_sparc.udeb Size/MD5: 563014 dd59635ac83a1c84fe59b7d8ab9b2992 http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8c-4ubuntu0.3_sparc.deb Size/MD5: 2111944 e647e97fbb98c2ce48c8fce8517c92d0 http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8c-4ubuntu0.3_sparc.deb Size/MD5: 4053968 b26c15bf44dc732832251f8cb1002b15 http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8c-4ubuntu0.3_sparc.deb Size/MD5: 2205868 0b767362c79d60942cbe473deecad932 http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8c-4ubuntu0.3_sparc.deb Size/MD5: 1016770 f6940cc99ec5b841d4a54b9cb38af203 -- Ubuntu 7.10 -- Source archives: http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8e-5ubuntu3.2.diff.gz Size/MD5: 58261 712fb9938545440a484c383c8a6ac7f7 http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8e-5ubuntu3.2.dsc Size/MD5: 950 b47e6ac103c4bcc8d969faf994c8a887 http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8e.orig.tar.gz Size/MD5: 3341665 3a7ff24f6ea5cd711984722ad654b927 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8e-5ubuntu3.2_amd64.udeb Size/MD5: 608582 4e66d471698d449a31e206d91972ac77 http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8e-5ubuntu3.2_amd64.deb Size/MD5: 2065236 eb0982f5fdc2988b4a1adc3535a92cec http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8e-5ubuntu3.2_amd64.deb Size/MD5: 1644030 45659a7dadef747fb828a11bf00b6466 http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8e-5ubuntu3.2_amd64.deb Size/MD5: 928852 cbbc47991050e043a259065d6e63d3f1 http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8e-5ubuntu3.2_amd64.deb Size/MD5: 877820 d5254e3c81c503be7ec8d908985ca27d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8e-5ubuntu3.2_i386.udeb Size/MD5: 571794 33ed14cad215235c7f3e3959417e618a http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8e-5ubuntu3.2_i386.deb Size/MD5: 1943124 63d90e3f64c213a4033caa78adbb3481 http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8e-5ubuntu3.2_i386.deb Size/MD5: 5520470 9ffd3c29c28109498b530d5062d2537a http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8e-5ubuntu3.2_i386.deb Size/MD5: 2825460 8265f8e385f34559d74ccca533c02a7a http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8e-5ubuntu3.2_i386.deb Size/MD5: 872078 09113bb86f530a81ab0a9ea3cff847cb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/o....9.8-udeb_0.9.8e-5ubuntu3.2_lpia.udeb Size/MD5: 537248 b14a7de8a4d2dc6c0636bcea065a25d9 http://ports.ubuntu.com/pool/main/o/o...libssl-dev_0.9.8e-5ubuntu3.2_lpia.deb Size/MD5: 1922036 22e02a08b6042d2037ed82a05cbe5968 http://ports.ubuntu.com/pool/main/o/o...l0.9.8-dbg_0.9.8e-5ubuntu3.2_lpia.deb Size/MD5: 1557052 34ac9b97e2297d773f00ec0cf9e9ed28 http://ports.ubuntu.com/pool/main/o/o...ibssl0.9.8_0.9.8e-5ubuntu3.2_lpia.deb Size/MD5: 836566 2b357cdf056d2bdfc3d00eef8d758f12 http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8e-5ubuntu3.2_lpia.deb Size/MD5: 876586 96f16cd47d93e94dbffb7bd7deb93284 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/poo...8-udeb_0.9.8e-5ubuntu3.2_powerpc.udeb Size/MD5: 618002 6949577d5d0dff62f1a87843556fce47 http://security.ubuntu.com/ubuntu/poo...ssl-dev_0.9.8e-5ubuntu3.2_powerpc.deb Size/MD5: 2093118 d1118570fb10780532a114316870024f http://security.ubuntu.com/ubuntu/poo...9.8-dbg_0.9.8e-5ubuntu3.2_powerpc.deb Size/MD5: 1704998 06a83dfb0b7463b2e0c48c957ad3e94f http://security.ubuntu.com/ubuntu/poo...sl0.9.8_0.9.8e-5ubuntu3.2_powerpc.deb Size/MD5: 945758 be53ff03675982367b0615701c0c9012 http://security.ubuntu.com/ubuntu/poo...openssl_0.9.8e-5ubuntu3.2_powerpc.deb Size/MD5: 886184 dd98564311d595033534eb7c6f396718 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8e-5ubuntu3.2_sparc.udeb Size/MD5: 565188 0ca872b583b61d0d15a872e83378782d http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8e-5ubuntu3.2_sparc.deb Size/MD5: 1987272 9334f39b64dbc1765bf0b8bc1c5c0113 http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8e-5ubuntu3.2_sparc.deb Size/MD5: 4049724 69782f2dbd642b303551e128c1552aa3 http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8e-5ubuntu3.2_sparc.deb Size/MD5: 2220894 8ae7f5b7585bd9e4f1392f76fd3bcc71 http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8e-5ubuntu3.2_sparc.deb Size/MD5: 887244 d6320a2c885ce0eae7dcc27f569a0963 -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8g-4ubuntu3.1.diff.gz Size/MD5: 52455 febf7cb03f479b0a3adcae06eb02203b http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8g-4ubuntu3.1.dsc Size/MD5: 912 0a14742d144c1389dcbc52f47ba3f7c8 http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz Size/MD5: 3354792 acf70a16359bf3658bdfb74bda1c4419 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...openssl-doc_0.9.8g-4ubuntu3.1_all.deb Size/MD5: 628518 80043d691d2bf742c6874b237ed659c6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8g-4ubuntu3.1_amd64.udeb Size/MD5: 603886 e1c9837aaa00f00c030be0948f2666f8 http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8g-4ubuntu3.1_amd64.deb Size/MD5: 2064554 4fd6b7dba2501356363e4c88876e7016 http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8g-4ubuntu3.1_amd64.deb Size/MD5: 1603796 877c7dc84a0a442a71322466aaf0191d http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8g-4ubuntu3.1_amd64.deb Size/MD5: 931158 936aeaeb9c0acfa73ce04362ef20f235 http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8g-4ubuntu3.1_amd64.deb Size/MD5: 390622 5ece5cbc091a8955ec7dc47b6494c42e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8g-4ubuntu3.1_i386.udeb Size/MD5: 564666 e428bac008437846a9411a34f7e46e8b http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8g-4ubuntu3.1_i386.deb Size/MD5: 1941644 b6edc3acd3a90c42baaf8819fd9f3256 http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8g-4ubuntu3.1_i386.deb Size/MD5: 5340876 a1a31e52f2b6ce5b00a2e550e1c9a9f7 http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8g-4ubuntu3.1_i386.deb Size/MD5: 2828048 4ef2062996432b694e1a06eaf61818aa http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8g-4ubuntu3.1_i386.deb Size/MD5: 385434 f29998409853097ebe60730295c81e7b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/o....9.8-udeb_0.9.8g-4ubuntu3.1_lpia.udeb Size/MD5: 535450 2a6c4f477589124df101fdf508bf170d http://ports.ubuntu.com/pool/main/o/o...libssl-dev_0.9.8g-4ubuntu3.1_lpia.deb Size/MD5: 1922630 bfe69691602e76835d998443fecf6bf5 http://ports.ubuntu.com/pool/main/o/o...l0.9.8-dbg_0.9.8g-4ubuntu3.1_lpia.deb Size/MD5: 1512332 c90b961b61a02198b87b503d1f7f01ce http://ports.ubuntu.com/pool/main/o/o...ibssl0.9.8_0.9.8g-4ubuntu3.1_lpia.deb Size/MD5: 842712 69b457eef0ae45f342e01bd13c83be2d http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.1_lpia.deb Size/MD5: 390028 41001b11916fd7d522580060ad298d16 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/o...8-udeb_0.9.8g-4ubuntu3.1_powerpc.udeb Size/MD5: 610282 8c4ff25d4e5695eba1e0ea6e0fba22b1 http://ports.ubuntu.com/pool/main/o/o...ssl-dev_0.9.8g-4ubuntu3.1_powerpc.deb Size/MD5: 2077924 35d088aee3c0ed62b9a18d861fca08b9 http://ports.ubuntu.com/pool/main/o/o...9.8-dbg_0.9.8g-4ubuntu3.1_powerpc.deb Size/MD5: 1639052 85d14e648caaaf6fab7acae470d7e1b2 http://ports.ubuntu.com/pool/main/o/o...sl0.9.8_0.9.8g-4ubuntu3.1_powerpc.deb Size/MD5: 944496 3f561d17a732a995c61a99bb58be0348 http://ports.ubuntu.com/pool/main/o/o...openssl_0.9.8g-4ubuntu3.1_powerpc.deb Size/MD5: 399190 b7cdcf3e46bb497fc0d9f0ebd1e670d2 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/o/o...9.8-udeb_0.9.8g-4ubuntu3.1_sparc.udeb Size/MD5: 559662 1e68facc899f2a355ffc5ba9d74873fb http://ports.ubuntu.com/pool/main/o/o...ibssl-dev_0.9.8g-4ubuntu3.1_sparc.deb Size/MD5: 1984618 3d1892e144d9e360091fca9970bac61a http://ports.ubuntu.com/pool/main/o/o...0.9.8-dbg_0.9.8g-4ubuntu3.1_sparc.deb Size/MD5: 3873424 769e051711a442675147042e60fa6e3b http://ports.ubuntu.com/pool/main/o/o...bssl0.9.8_0.9.8g-4ubuntu3.1_sparc.deb Size/MD5: 2241226 c21c1ea84171285a241ed7ec31fb2d2d http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.1_sparc.deb Size/MD5: 397810 31bccc57af7b0dc1dd6d9005bbdedb2c openssl-blacklist packages: -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.6.06.2.dsc Size/MD5:676 ec900c22df66e7da2543082d7123aed7 http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.6.06.2.tar.gz Size/MD5: 32928890 ff8a69186860a3c9bc78c86b51993154 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.6.06.2_all.deb Size/MD5:6317974 c71f0e9dfaf87712672fb52acb55db0d http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.6.06.2_all.deb Size/MD5:6333018 e43b4ea20935655041e803064cee6626 -- Ubuntu 7.04 -- Source archives: http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.7.04.2.dsc Size/MD5:812 71e900154130bd20b4401b6ac2653cdc http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.7.04.2.tar.gz Size/MD5: 32928996 37d24b96159aca653515a8aa136f31d3 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.7.04.2_all.deb Size/MD5:6318082 cc4e2c235c71d36653ce1c2ef1b247bc http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.7.04.2_all.deb Size/MD5:6332858 d805a05a0bc674c064256cf26f231881 -- Ubuntu 7.10 -- Source archives: http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.7.10.2.dsc Size/MD5:812 b62d9f57a2c6f4e3e671a3d9648b1df1 http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.7.10.2.tar.gz Size/MD5: 32928995 8717c32922e43aaaf7203ccd268b99a8 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.7.10.2_all.deb Size/MD5:6318232 81e856d987468e3fc3a0d6e7e21bf532 http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.7.10.2_all.deb Size/MD5:6332724 84087c5b3d5a05cf55d415adaf6974f1 -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.8.04.3.dsc Size/MD5:943 c1d37d2d4a36ba178022fc27ff6a0bdc http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.8.04.3.tar.gz Size/MD5: 32929040 376d57551e6859b39c2e795284978233 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.8.04.3_all.deb Size/MD5:6318142 0d1c09236b595d8fd8dbe4a617497d2e http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.8.04.3_all.deb Size/MD5:6333180 df969f0af29ab3474c9d1d7b119a66a7 Changelog: 2008-05-22: Updated "Solution" section with additional information about updated openssl-blacklist packages. Added link to new Ubuntu advisory. 2008-06-13: Updated the openssl-blacklist packages in the "Solution" section. Added link to new Ubuntu advisory. 2008-06-19: Updated the openssl-blacklist packages in the "Solution" section. Added link to new Ubuntu advisory. Original Advisory: http://www.ubuntu.com/usn/usn-612-1 http://www.ubuntu.com/usn/usn-612-8 http://www.ubuntu.com/usn/usn-612-9 http://www.ubuntu.com/usn/usn-612-11 Other References: SA30220: http://secunia.com/advisories/30220/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

165 Related Secunia Security Advisories, displaying 10

1. Ubuntu update for php

2. Ubuntu update for dnsmasq

3. Ubuntu update for firefox

4. Ubuntu update for kernel

5. Ubuntu update for bind

6. Ubuntu update for pcre3

7. Ubuntu update for firefox

8. Ubuntu update for openssl

9. Ubuntu update for ruby1.8

10. Ubuntu update for kernel

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	OpenBSD BIND Query Port DNS Cache Poisoning

3.	Red Hat update for thunderbird

4.	Drupal Session Fixation Vulnerability

5.	Apple Safari Cross-Domain Cookie Injection Vulnerability

6.	IPCop update for perl

7.	Slackware update for dnsmasq

8.	Red Hat update for kernel

9.	Debian update for iceweasel

10.	Debian update for xulrunner