Mandriva Security Advisory MDVSA-2009:310 (openssl) Network Vulnerability

Summary

The remote host is missing an update to openssl announced via advisory MDVSA-2009:310.

Solution

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:310 http://marc.info/?l=openssl-cvs&m=124508133203041&w=2

Insight

For details on the issues addressed with this update, please visit the referenced security advisories. Packages for 2008.0 are being provided due to extended support for Corporate products. The updated packages have been patched to prevent this. Affected: 2008.0

Severity

Classification

CVE CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-2409
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:172 (dhcp)
Mandrake Security Advisory MDVSA-2009:161-1 (squid)
Mandrake Security Advisory MDVSA-2009:107 (acpid)
Mandrake Security Advisory MDVSA-2009:163 (tomcat5)
Mandrake Security Advisory MDVSA-2009:043 (gnumeric)

Take action and discover your vulnerabilities