[slackware-security]  openssl (SSA:2013-042-01)

New openssl packages are available for Slackware 14.0, and -current to
fix a bug in openssl-1.0.1d.


Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.1e-i486-1_slack14.0.txz:  Upgraded.
  This release fixes a regression in openssl-1.0.1d, where the fix for
  CVE-2013-0169 caused data corruption on CPUs with AES-NI support.
patches/packages/openssl-solibs-1.0.1e-i486-1_slack14.0.txz:  Upgraded.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1e-
i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-
1.0.1e-i486-1_slack14.0.txz

Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1
e-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solib
s-1.0.1e-x86_64-1_slack14.0.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.
0.1e-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1e-i4
86-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solib
s-1.0.1e-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1
e-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.0 packages:
4df2d704e649667ef04093faa6920bba  openssl-1.0.1e-i486-1_slack14.0.txz
3525b7c4d2e1e54851080f731d70a835  openssl-solibs-1.0.1e-i486-1_slack14.0.txz

Slackware x86_64 14.0 packages:
1e1f09edce11cac2ffcff4b2324fb532  openssl-1.0.1e-x86_64-1_slack14.0.txz
23c1ff47378361c758fb49d1b005eb13  openssl-solibs-1.0.1e-x86_64-1_slack14.0.txz

Slackware -current packages:
1dce1d27bc6dba3f1acd61972b0f2c63  a/openssl-solibs-1.0.1e-i486-1.txz
3ef010a9da36b042d6724ebf00061192  n/openssl-1.0.1e-i486-1.txz

Slackware x86_64 -current packages:
9ef4661b4072028e2fe656d3ba3ed590  a/openssl-solibs-1.0.1e-x86_64-1.txz
0c3bbbb3a280a36081e50b619ae292e4  n/openssl-1.0.1e-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg openssl-1.0.1e-i486-1_slack14.0.txz
openssl-solibs-1.0.1e-i486-1_slack14.0.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

Is it time to professionalize information security?

Posted on 23 May 2013.  |  The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.

Review: Logging and Log Management

Posted on 22 May 2013.  |  Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.

Experts highlight top data breach vulnerabilities

Posted on 22 May 2013.  |  Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.

A closer look at Mega cloud storage

Posted on 21 May 2013.  |  Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.

The CSO perspective on healthcare security and compliance

Posted on 20 May 2013.  |  Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.