Summary: | dev-libs/openssl RSA Signature Forgery (CVE-2006-4339) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bernd, bolke, chainsaw, chazefroy, tcort |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openssl.org/news/secadv_20060905.txt | ||
Whiteboard: | A3? [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 146438 |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-09-05 05:17:08 UTC
base-system please advise. both versions now in portage Arches please test and mark stable. Marked ppc stable. amd64 stable, w00t w00t openssl-0.9.7k stable on sparc. 0.9.8c stable on ppc64 alpha stable. x86 stable. ^.^ removing x86 as I forgot. *** Bug 146557 has been marked as a duplicate of this bug. *** Hi all, since the update I can't use https/sasl anymore. You can read the full story here: http://forums.gentoo.org/viewtopic-t-495860.html I reemerged dev-libs/openssl-0.9.7j with above patch applied and now it works again. I hope this just happens on my box. :-) S. No, it doesn't. I got hosed, too. Still checking the details :/ > No, it doesn't. I got hosed, too. Still checking the details :/
>
https works nicefully here (x86)
NB HPPA: we're just waiting for you before issuing the GLSA. Something wrong ?
Yeah, blooper with qca-tls. I needed 1.0-r3 (~x86, stable wouldn't compile). 0.9.7k hppa stable. GLSA 200609-05 Hi, i'm getting some different answers from a lot of folks, so maybe someone here could advise me. If i update 0.9.7i and update to 0.9.7j, would i need to revdep-rebuild everything or are they binary compatible ? all 0.9.6 versions are ABI compat with each other all 0.9.7 versions are ABI compat with each other all 0.9.8 versions are ABI compat with each other etc... *** Bug 146421 has been marked as a duplicate of this bug. *** |