[security-announce] OpenSSL: Security update (upgrade to OpenSSL 1.0.1m)

Sona Sarmadi sona.sarmadi at enea.com
Fri Apr 10 17:45:02 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

	Enea Linux Security Advisory

=========================================================
Product/package: OpenSSL

CVE Names (1.0.1j - 1.0.1m):
OpenSSL 1.0.1k: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569
CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275 CVE-2014-3570,

OpenSSL 1.0.1m:
CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292
CVE-2015-0293, CVE-2015-0209, CVE-2015-0288
=========================================================
A security patch that upgrades OpenSSL to 1.0.1m version is now
available at http://linux.enea.com/4.0/patches:

README file: 0058-openssl-Upgrade-to-1.0.1m.README
Patch file: 0058-openssl-Upgrade-to-1.0.1m.patch

References:
==========
OpenSSL 1.0.1k
https://www.openssl.org/news/secadv_20150108.txt

OpenSSL 1.0.1m
https://www.openssl.org/news/secadv_20150319.txt


How to apply the patches
=======================
- - - Preparation
Make sure that you have an installation of Enea Linux and have applied
the existing patches in the right order.

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >


- - - Fetch and apply the new patch
wget
http://linux.enea.com/4.0/patches/0058-openssl-Upgrade-to-1.0.1m.patch
patch -p1 < ./0058-openssl-Upgrade-to-1.0.1m.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJVJ+/9AAoJEHc+9u9ocWoU6C0P/Ak9g2Qhf1Q+DbddG1VIdVXI
2EppKA6FXSzut7TqyDNvXja27GIzdua20pDTqX+aN31LpKgEFrdNsLZm3mg18UPj
NbvV32L+3smnM1z2FuJ0OaCe5Tzi1/Yi7iraMRbUaobGRKrmy7wqYwSfujHBqU8Y
Wh+tfCYwrpOnA/p9Je8lYWCbjjBFxwsSKMSyzrrWbuWZp6yGfvH1CkgKiDRGguvC
uidzmdsMd2deG0FBhk1w0/gzMfu26irYrf5YebUwIlFrh/QPagizrakF+dKQ2GdB
KxOSa2yRlD0ehqrZf1ZplDF9mSuzEXl/CgjUfD6Lvnk3pWPHR0T7n3S0uOOMpzUH
AJEZnCC13taNuArnQgg70E375cRdvjccbNAx8T1bKvBfAa5VznoH94vMBLRwgPF9
+fpCnGDMr1YTecF/KKCX3YjzF+5owdMCA4g5QIssJZGLwdURpmfymMjElQYDHR7J
7kgV+ZJ0iVIK5R1w8xMaaXgD9btvE2sfPZPB0tIHn9kedBsgAtnQ5cZQu3WTD5DX
KM0R5iEqLXe8t+wtFBvxr4VxEdyr4YTb5cnVWLD4AjiMlFq1N13Ntjs67BvlIz5+
4/2QUC2wYLEkhAzaEGC7oVGmrUDdXgFIH/VJUh8iL3dF5BfAiPakywfG816FhP1i
+cQrvFUzZluX9y/u0Xud
=jgil
-----END PGP SIGNATURE-----


More information about the security-announce mailing list