|
 |
|
Ubuntu update for openssl
|
|
|
|
|
Secunia Advisory:
|
SA30221
|
|
|
Release Date:
|
2008-05-13
|
|
Last Update:
|
2008-06-19
|
|
|
Critical:
|

Moderately critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Ubuntu Linux 7.04 Ubuntu Linux 7.10 Ubuntu Linux 8.04
|
|
| | CVE reference: | CVE-2008-0166 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! |
|
|
Description: Ubuntu has issued an update for openssl. This fixes a security issue, which can lead to weak cryptographic key material.
For more information see vulnerability #1 in:
SA30220
Solution: Apply updated packages and recreate all cryptographic key material (see vendor advisory for more information).
-- Ubuntu 7.04 --
Source archives:
http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8c-4ubuntu0.3.diff.gz
Size/MD5: 55960 f1528622672403589e0d3aac4091e3b7
http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8c-4ubuntu0.3.dsc
Size/MD5: 899 24ce07dd1372b34976caa4e703b48254
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8c.orig.tar.gz
Size/MD5: 3313857 78454bec556bcb4c45129428a766c886
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8c-4ubuntu0.3_amd64.udeb
Size/MD5: 604324 c67285c8c9831d7d688930bf3403070e
http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8c-4ubuntu0.3_amd64.deb
Size/MD5: 2186920 ebfec7f633c445ae170b06acb039175c
http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8c-4ubuntu0.3_amd64.deb
Size/MD5: 1645270 3c37713de4ad97e6eb675f9f8a9b3ddd
http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8c-4ubuntu0.3_amd64.deb
Size/MD5: 918170 c282b7478265a81019e771a382ec99cd
http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8c-4ubuntu0.3_amd64.deb
Size/MD5: 1006504 a199460e3209b03f454afa205abbd979
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8c-4ubuntu0.3_i386.udeb
Size/MD5: 569520 9441a49f438e5c0c77c70f9c50b3acee
http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8c-4ubuntu0.3_i386.deb
Size/MD5: 2068628 152dc5bd9d6edb669be2a4d88fdc9126
http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8c-4ubuntu0.3_i386.deb
Size/MD5: 5499922 4e07a86c1f4930411fffc25cb330f683
http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8c-4ubuntu0.3_i386.deb
Size/MD5: 2809850 dd17842504c08b5a09e7ec15dee20f8b
http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8c-4ubuntu0.3_i386.deb
Size/MD5: 1001316 f823d1e7c4ea63e976fd129a2bfe5fed
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/poo...8-udeb_0.9.8c-4ubuntu0.3_powerpc.udeb
Size/MD5: 617086 d8158b21c17afbd21460dfee4a001194
http://security.ubuntu.com/ubuntu/poo...ssl-dev_0.9.8c-4ubuntu0.3_powerpc.deb
Size/MD5: 2217842 90507ac4c5dce8110853c8e71c366004
http://security.ubuntu.com/ubuntu/poo...9.8-dbg_0.9.8c-4ubuntu0.3_powerpc.deb
Size/MD5: 1705352 d2ac68501fc799a5033824d204ac0175
http://security.ubuntu.com/ubuntu/poo...sl0.9.8_0.9.8c-4ubuntu0.3_powerpc.deb
Size/MD5: 939544 1e6af8a9427957566434357f346096d9
http://security.ubuntu.com/ubuntu/poo...openssl_0.9.8c-4ubuntu0.3_powerpc.deb
Size/MD5: 1014948 b6c5a7b2c97df56cff30d1797490705f
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8c-4ubuntu0.3_sparc.udeb
Size/MD5: 563014 dd59635ac83a1c84fe59b7d8ab9b2992
http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8c-4ubuntu0.3_sparc.deb
Size/MD5: 2111944 e647e97fbb98c2ce48c8fce8517c92d0
http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8c-4ubuntu0.3_sparc.deb
Size/MD5: 4053968 b26c15bf44dc732832251f8cb1002b15
http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8c-4ubuntu0.3_sparc.deb
Size/MD5: 2205868 0b767362c79d60942cbe473deecad932
http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8c-4ubuntu0.3_sparc.deb
Size/MD5: 1016770 f6940cc99ec5b841d4a54b9cb38af203
-- Ubuntu 7.10 --
Source archives:
http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8e-5ubuntu3.2.diff.gz
Size/MD5: 58261 712fb9938545440a484c383c8a6ac7f7
http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8e-5ubuntu3.2.dsc
Size/MD5: 950 b47e6ac103c4bcc8d969faf994c8a887
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8e.orig.tar.gz
Size/MD5: 3341665 3a7ff24f6ea5cd711984722ad654b927
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8e-5ubuntu3.2_amd64.udeb
Size/MD5: 608582 4e66d471698d449a31e206d91972ac77
http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8e-5ubuntu3.2_amd64.deb
Size/MD5: 2065236 eb0982f5fdc2988b4a1adc3535a92cec
http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8e-5ubuntu3.2_amd64.deb
Size/MD5: 1644030 45659a7dadef747fb828a11bf00b6466
http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8e-5ubuntu3.2_amd64.deb
Size/MD5: 928852 cbbc47991050e043a259065d6e63d3f1
http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8e-5ubuntu3.2_amd64.deb
Size/MD5: 877820 d5254e3c81c503be7ec8d908985ca27d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8e-5ubuntu3.2_i386.udeb
Size/MD5: 571794 33ed14cad215235c7f3e3959417e618a
http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8e-5ubuntu3.2_i386.deb
Size/MD5: 1943124 63d90e3f64c213a4033caa78adbb3481
http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8e-5ubuntu3.2_i386.deb
Size/MD5: 5520470 9ffd3c29c28109498b530d5062d2537a
http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8e-5ubuntu3.2_i386.deb
Size/MD5: 2825460 8265f8e385f34559d74ccca533c02a7a
http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8e-5ubuntu3.2_i386.deb
Size/MD5: 872078 09113bb86f530a81ab0a9ea3cff847cb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/o/o....9.8-udeb_0.9.8e-5ubuntu3.2_lpia.udeb
Size/MD5: 537248 b14a7de8a4d2dc6c0636bcea065a25d9
http://ports.ubuntu.com/pool/main/o/o...libssl-dev_0.9.8e-5ubuntu3.2_lpia.deb
Size/MD5: 1922036 22e02a08b6042d2037ed82a05cbe5968
http://ports.ubuntu.com/pool/main/o/o...l0.9.8-dbg_0.9.8e-5ubuntu3.2_lpia.deb
Size/MD5: 1557052 34ac9b97e2297d773f00ec0cf9e9ed28
http://ports.ubuntu.com/pool/main/o/o...ibssl0.9.8_0.9.8e-5ubuntu3.2_lpia.deb
Size/MD5: 836566 2b357cdf056d2bdfc3d00eef8d758f12
http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8e-5ubuntu3.2_lpia.deb
Size/MD5: 876586 96f16cd47d93e94dbffb7bd7deb93284
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/poo...8-udeb_0.9.8e-5ubuntu3.2_powerpc.udeb
Size/MD5: 618002 6949577d5d0dff62f1a87843556fce47
http://security.ubuntu.com/ubuntu/poo...ssl-dev_0.9.8e-5ubuntu3.2_powerpc.deb
Size/MD5: 2093118 d1118570fb10780532a114316870024f
http://security.ubuntu.com/ubuntu/poo...9.8-dbg_0.9.8e-5ubuntu3.2_powerpc.deb
Size/MD5: 1704998 06a83dfb0b7463b2e0c48c957ad3e94f
http://security.ubuntu.com/ubuntu/poo...sl0.9.8_0.9.8e-5ubuntu3.2_powerpc.deb
Size/MD5: 945758 be53ff03675982367b0615701c0c9012
http://security.ubuntu.com/ubuntu/poo...openssl_0.9.8e-5ubuntu3.2_powerpc.deb
Size/MD5: 886184 dd98564311d595033534eb7c6f396718
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8e-5ubuntu3.2_sparc.udeb
Size/MD5: 565188 0ca872b583b61d0d15a872e83378782d
http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8e-5ubuntu3.2_sparc.deb
Size/MD5: 1987272 9334f39b64dbc1765bf0b8bc1c5c0113
http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8e-5ubuntu3.2_sparc.deb
Size/MD5: 4049724 69782f2dbd642b303551e128c1552aa3
http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8e-5ubuntu3.2_sparc.deb
Size/MD5: 2220894 8ae7f5b7585bd9e4f1392f76fd3bcc71
http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8e-5ubuntu3.2_sparc.deb
Size/MD5: 887244 d6320a2c885ce0eae7dcc27f569a0963
-- Ubuntu 8.04 LTS --
Source archives:
http://security.ubuntu.com/ubuntu/poo...ssl/openssl_0.9.8g-4ubuntu3.1.diff.gz
Size/MD5: 52455 febf7cb03f479b0a3adcae06eb02203b
http://security.ubuntu.com/ubuntu/poo...openssl/openssl_0.9.8g-4ubuntu3.1.dsc
Size/MD5: 912 0a14742d144c1389dcbc52f47ba3f7c8
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz
Size/MD5: 3354792 acf70a16359bf3658bdfb74bda1c4419
Architecture independent packages:
http://security.ubuntu.com/ubuntu/poo...openssl-doc_0.9.8g-4ubuntu3.1_all.deb
Size/MD5: 628518 80043d691d2bf742c6874b237ed659c6
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/poo...9.8-udeb_0.9.8g-4ubuntu3.1_amd64.udeb
Size/MD5: 603886 e1c9837aaa00f00c030be0948f2666f8
http://security.ubuntu.com/ubuntu/poo...ibssl-dev_0.9.8g-4ubuntu3.1_amd64.deb
Size/MD5: 2064554 4fd6b7dba2501356363e4c88876e7016
http://security.ubuntu.com/ubuntu/poo...0.9.8-dbg_0.9.8g-4ubuntu3.1_amd64.deb
Size/MD5: 1603796 877c7dc84a0a442a71322466aaf0191d
http://security.ubuntu.com/ubuntu/poo...bssl0.9.8_0.9.8g-4ubuntu3.1_amd64.deb
Size/MD5: 931158 936aeaeb9c0acfa73ce04362ef20f235
http://security.ubuntu.com/ubuntu/poo...l/openssl_0.9.8g-4ubuntu3.1_amd64.deb
Size/MD5: 390622 5ece5cbc091a8955ec7dc47b6494c42e
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/poo....9.8-udeb_0.9.8g-4ubuntu3.1_i386.udeb
Size/MD5: 564666 e428bac008437846a9411a34f7e46e8b
http://security.ubuntu.com/ubuntu/poo...libssl-dev_0.9.8g-4ubuntu3.1_i386.deb
Size/MD5: 1941644 b6edc3acd3a90c42baaf8819fd9f3256
http://security.ubuntu.com/ubuntu/poo...l0.9.8-dbg_0.9.8g-4ubuntu3.1_i386.deb
Size/MD5: 5340876 a1a31e52f2b6ce5b00a2e550e1c9a9f7
http://security.ubuntu.com/ubuntu/poo...ibssl0.9.8_0.9.8g-4ubuntu3.1_i386.deb
Size/MD5: 2828048 4ef2062996432b694e1a06eaf61818aa
http://security.ubuntu.com/ubuntu/poo...sl/openssl_0.9.8g-4ubuntu3.1_i386.deb
Size/MD5: 385434 f29998409853097ebe60730295c81e7b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/o/o....9.8-udeb_0.9.8g-4ubuntu3.1_lpia.udeb
Size/MD5: 535450 2a6c4f477589124df101fdf508bf170d
http://ports.ubuntu.com/pool/main/o/o...libssl-dev_0.9.8g-4ubuntu3.1_lpia.deb
Size/MD5: 1922630 bfe69691602e76835d998443fecf6bf5
http://ports.ubuntu.com/pool/main/o/o...l0.9.8-dbg_0.9.8g-4ubuntu3.1_lpia.deb
Size/MD5: 1512332 c90b961b61a02198b87b503d1f7f01ce
http://ports.ubuntu.com/pool/main/o/o...ibssl0.9.8_0.9.8g-4ubuntu3.1_lpia.deb
Size/MD5: 842712 69b457eef0ae45f342e01bd13c83be2d
http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.1_lpia.deb
Size/MD5: 390028 41001b11916fd7d522580060ad298d16
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/o/o...8-udeb_0.9.8g-4ubuntu3.1_powerpc.udeb
Size/MD5: 610282 8c4ff25d4e5695eba1e0ea6e0fba22b1
http://ports.ubuntu.com/pool/main/o/o...ssl-dev_0.9.8g-4ubuntu3.1_powerpc.deb
Size/MD5: 2077924 35d088aee3c0ed62b9a18d861fca08b9
http://ports.ubuntu.com/pool/main/o/o...9.8-dbg_0.9.8g-4ubuntu3.1_powerpc.deb
Size/MD5: 1639052 85d14e648caaaf6fab7acae470d7e1b2
http://ports.ubuntu.com/pool/main/o/o...sl0.9.8_0.9.8g-4ubuntu3.1_powerpc.deb
Size/MD5: 944496 3f561d17a732a995c61a99bb58be0348
http://ports.ubuntu.com/pool/main/o/o...openssl_0.9.8g-4ubuntu3.1_powerpc.deb
Size/MD5: 399190 b7cdcf3e46bb497fc0d9f0ebd1e670d2
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/o/o...9.8-udeb_0.9.8g-4ubuntu3.1_sparc.udeb
Size/MD5: 559662 1e68facc899f2a355ffc5ba9d74873fb
http://ports.ubuntu.com/pool/main/o/o...ibssl-dev_0.9.8g-4ubuntu3.1_sparc.deb
Size/MD5: 1984618 3d1892e144d9e360091fca9970bac61a
http://ports.ubuntu.com/pool/main/o/o...0.9.8-dbg_0.9.8g-4ubuntu3.1_sparc.deb
Size/MD5: 3873424 769e051711a442675147042e60fa6e3b
http://ports.ubuntu.com/pool/main/o/o...bssl0.9.8_0.9.8g-4ubuntu3.1_sparc.deb
Size/MD5: 2241226 c21c1ea84171285a241ed7ec31fb2d2d
http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.1_sparc.deb
Size/MD5: 397810 31bccc57af7b0dc1dd6d9005bbdedb2c
openssl-blacklist packages:
-- Ubuntu 6.06 LTS --
Source archives:
http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.6.06.2.dsc
Size/MD5:676 ec900c22df66e7da2543082d7123aed7
http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.6.06.2.tar.gz
Size/MD5: 32928890 ff8a69186860a3c9bc78c86b51993154
Architecture independent packages:
http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.6.06.2_all.deb
Size/MD5:6317974 c71f0e9dfaf87712672fb52acb55db0d
http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.6.06.2_all.deb
Size/MD5:6333018 e43b4ea20935655041e803064cee6626
-- Ubuntu 7.04 --
Source archives:
http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.7.04.2.dsc
Size/MD5:812 71e900154130bd20b4401b6ac2653cdc
http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.7.04.2.tar.gz
Size/MD5: 32928996 37d24b96159aca653515a8aa136f31d3
Architecture independent packages:
http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.7.04.2_all.deb
Size/MD5:6318082 cc4e2c235c71d36653ce1c2ef1b247bc
http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.7.04.2_all.deb
Size/MD5:6332858 d805a05a0bc674c064256cf26f231881
-- Ubuntu 7.10 --
Source archives:
http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.7.10.2.dsc
Size/MD5:812 b62d9f57a2c6f4e3e671a3d9648b1df1
http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.7.10.2.tar.gz
Size/MD5: 32928995 8717c32922e43aaaf7203ccd268b99a8
Architecture independent packages:
http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.7.10.2_all.deb
Size/MD5:6318232 81e856d987468e3fc3a0d6e7e21bf532
http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.7.10.2_all.deb
Size/MD5:6332724 84087c5b3d5a05cf55d415adaf6974f1
-- Ubuntu 8.04 LTS --
Source archives:
http://security.ubuntu.com/ubuntu/poo...acklist_0.3.3+0.4-0ubuntu0.8.04.3.dsc
Size/MD5:943 c1d37d2d4a36ba178022fc27ff6a0bdc
http://security.ubuntu.com/ubuntu/poo...list_0.3.3+0.4-0ubuntu0.8.04.3.tar.gz
Size/MD5: 32929040 376d57551e6859b39c2e795284978233
Architecture independent packages:
http://security.ubuntu.com/ubuntu/poo...tra_0.3.3+0.4-0ubuntu0.8.04.3_all.deb
Size/MD5:6318142 0d1c09236b595d8fd8dbe4a617497d2e
http://security.ubuntu.com/ubuntu/poo...ist_0.3.3+0.4-0ubuntu0.8.04.3_all.deb
Size/MD5:6333180 df969f0af29ab3474c9d1d7b119a66a7
Changelog: 2008-05-22: Updated "Solution" section with additional information about updated openssl-blacklist packages. Added link to new Ubuntu advisory.
2008-06-13: Updated the openssl-blacklist packages in the "Solution" section. Added link to new Ubuntu advisory.
2008-06-19: Updated the openssl-blacklist packages in the "Solution" section. Added link to new Ubuntu advisory.
Original Advisory: http://www.ubuntu.com/usn/usn-612-1
http://www.ubuntu.com/usn/usn-612-8
http://www.ubuntu.com/usn/usn-612-9
http://www.ubuntu.com/usn/usn-612-11
Other References: SA30220:
http://secunia.com/advisories/30220/
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
165 Related Secunia Security Advisories, displaying 10
|
|
|
1. Ubuntu update for php
|
|
2. Ubuntu update for dnsmasq
|
|
3. Ubuntu update for firefox
|
|
4. Ubuntu update for kernel
|
|
5. Ubuntu update for bind
|
|
6. Ubuntu update for pcre3
|
|
7. Ubuntu update for firefox
|
|
8. Ubuntu update for openssl
|
|
9. Ubuntu update for ruby1.8
|
|
10. Ubuntu update for kernel
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|

|
 |
Secunia PSI Scan | Patch | Track Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|