source: projects/web/trunk/errata/6x/20140409-2.dat @ 8341

Revision 8341, 1.7 KB checked in by iwamoto, 10 years ago (diff)

20140409-2: openssl
20140409-3: file
20140409-4: curl
20140409-5: openssh
Line 
1<date>
22014,04,09
3
4<title>
5openssl にセキュリティホール
6
7<target>
86.2/i386, 6.2/x86_64
9
10<url>
11http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
12http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001795.html
13
14<info>
15OpenSSL のモンゴメリ・ラダー (Montgomery ladder) の実装に問題が発見されました。<br/>
16特定のスワップ操作が一定時間で動作することを確認しないため、楕円曲線デジタル署名アルゴリズム(ECDSA)のワンタイムトークンを取得される可能性があります。<br/>
17(CVE-2014-0076)<br/>
18<br/>
19
20<directory>
21Vine-6.2/updates/RPMS/i386
22Vine-6.2/updates/RPMS/x86_64
23
24<update>
25 [ size ] [ SHA1 checksum ]                        [ file name ]
26  4097051 2a89585a56eba53bbb21d524ad7b1df9161fa775 openssl-1.0.0l-2vl6.src.rpm
27
28  1756266 1188291f8f220b37a629b916fa28d6d652122ba3 openssl-1.0.0l-2vl6.i686.rpm
29  1268394 ae8443ab0ce7cc70dee5fc3416ead95d78dbb689 openssl-devel-1.0.0l-2vl6.i686.rpm
30    26422 aa1f283ea25f879591519d873530131b3ec2c77f openssl-perl-1.0.0l-2vl6.i686.rpm
31  1080341 abf401c88c83c402f28b1c63300062400c7ae56f openssl-static-1.0.0l-2vl6.i686.rpm
32
33  1854878 ce0b7ef5e0b99871f8cd31c8e3a878972e8622f3 openssl-1.0.0l-2vl6.x86_64.rpm
34  1268364 6e4ce05b7810b769a8783ea59d21840e3372cf3c openssl-devel-1.0.0l-2vl6.x86_64.rpm
35    26393 f5a421c034b85e39df31dba2e5ff3493a985405a openssl-perl-1.0.0l-2vl6.x86_64.rpm
36  1166792 a74f58ade78ebda2f320e64ef29855690ccc7ed0 openssl-static-1.0.0l-2vl6.x86_64.rpm
37   922720 79b43290d91178a5b64cd0cb38f72ca0d3c33dae compat32-openssl-1.0.0l-2vl6.i686.rpm
38    16721 bf85740724c4be7d8c4a0fe3d1631f79f175868c compat32-openssl-devel-1.0.0l-2vl6.i686.rpm
Note: See TracBrowser for help on using the repository browser.