From dvm105 at psu.edu Thu Sep 14 20:01:46 2006 From: dvm105 at psu.edu (Derek Morr) Date: Thu, 14 Sep 2006 14:01:46 -0400 Subject: [csw-announce] openssl security advisory Message-ID: <4509990A.8010000@psu.edu> The OpenSSL project recently discovered a flaw that could allow an attacker to generate a forged RSA signature that OpenSSL will accept as valid. This vulnerability is resolved in OpenSSL 0.9.8c. We recommend that you immediately upgrade your openssl package by running: pkg-get -Uu openssl Note that services linking against the openssl shared libraries will need to be restarted. For more information, please see http://www.openssl.org/news/secadv_20060905.txt -derek From dvm105 at psu.edu Thu Sep 14 20:01:46 2006 From: dvm105 at psu.edu (Derek Morr) Date: Thu, 14 Sep 2006 14:01:46 -0400 Subject: [csw-announce] openssl security advisory Message-ID: <4509990A.8010000@psu.edu> The OpenSSL project recently discovered a flaw that could allow an attacker to generate a forged RSA signature that OpenSSL will accept as valid. This vulnerability is resolved in OpenSSL 0.9.8c. We recommend that you immediately upgrade your openssl package by running: pkg-get -Uu openssl Note that services linking against the openssl shared libraries will need to be restarted. For more information, please see http://www.openssl.org/news/secadv_20060905.txt -derek