Re: [SECURITY] OpenSSL 0.9.8d and 0.9.7l released

2006-09-29 Thread Haridharan 



  This release fixes four security vulnerabilities, CVE-2006-2937,
  CVE-2006-2940, CVE-2006-3738, CVE-2006-4343.  Please see
  http://www.openssl.org/news/secadv_20060928.txt



Does these fixes have patches where they can be plugged in with any of the 
OpenSSL 0.9.7x versions which I use?


Haridharan 


smime.p7s
Description: S/MIME cryptographic signature

[SECURITY] OpenSSL 0.9.8d and 0.9.7l released

2006-09-28 Thread Mark J Cox 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


   OpenSSL version 0.9.8d and 0.9.7l released
   ==

   OpenSSL - The Open Source toolkit for SSL/TLS
   http://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8d of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release and incorporates
   changes and bugfixes to the toolkit.  For a complete list of
   changes, please see http://www.openssl.org/source/exp/CHANGES.

   This release fixes four security vulnerabilities, CVE-2006-2937,
   CVE-2006-2940, CVE-2006-3738, CVE-2006-4343.  Please see
   http://www.openssl.org/news/secadv_20060928.txt

   We also release 0.9.7l, which contains the security update and
   bugfixes compared to 0.9.7k.

   We consider OpenSSL 0.9.8d to be the best version of OpenSSL
   available and we strongly recommend that users of older versions
   upgrade as soon as possible. OpenSSL 0.9.8d is available for
   download via HTTP and FTP from the following master locations (you
   can find the various FTP mirrors under
   http://www.openssl.org/source/mirror.html):

 * http://www.openssl.org/source/
 * ftp://ftp.openssl.org/source/

   For those who want or have to stay with the 0.9.7 series of
   OpenSSL, we strongly recommend that you upgrade to OpenSSL 0.9.7l
   as soon as possible.  It's available in the same location as
   0.9.8d.

   The distribution file names are:

o openssl-0.9.8d.tar.gz
  MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
  SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2

o openssl-0.9.7l.tar.gz
  MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
  SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d

   The checksums were calculated using the following commands:

openssl md5 openssl-0.9.*.tar.gz
openssl sha1 openssl-0.9.*.tar.gz

   Yours,

   The OpenSSL Project Team...

Mark J. Cox Nils Larsch Ulf Möller
Ralf S. Engelschall Ben Laurie  Andy Polyakov
Dr. Stephen Henson  Richard Levitte Geoff Thorpe
Lutz JänickeBodo Möller



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (GNU/Linux)

iQCVAwUBRRvCTe6tTP1JpWPZAQIRbgP/aIb5s19eiSBrdGpSy36Ce1piAtBfqPPM
Bw/j9Y6fWTQYS5z/ZNDnFLmbQw269bR5nYIMT6da5dyKmSt9v6dUJHdQXI7i/gf4
o3JPEZwqRqqz1tyhhBNFMNAx3hV73noLOXUUuak+2Zw9VtKGTb4HoRGGmXq8VUSn
zeeX2KgXEwg=
=fiHy
-END PGP SIGNATURE-

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]