[upki-fed:00460] OpenSSL$B@H<e@-$N(BShibboleth SP$B$X$N(B$B1F6A$K$D$$$F(B

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[upki-fed:00460] OpenSSL$B@H

Subject: [upki-fed:00460] OpenSSL$B@H
Date: Thu, 17 May 2012 02:42:32 +0900
From: Takeshi NISHIMURA <xxxxxxx@xxxxxxxxx>

Shibboleth SP$B$r$4MxMQ$N$_$J$5$^(B
$B@>B<$G$9!#(B

$B@hF|8x3+$5$l$?(BOpenSSL$B$N(BASN1 BIO$B$N@Hhttps://rhn.redhat.com/errata/RHSA-2012-0518.html
  $B!J>e5-$O(BCVE-2012-2110$BBP1~$N$b$N$G$9$,!"0J2<$N>pJs$K$h$l$P(BCVE-2012-2131$B$N(B
  $B1F6A$Ohttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2131 $B!K(B  

- Ubuntu
  http://www.ubuntu.com/usn/usn-1428-1/

- Windows
  $B@Hhttp://www.openssl.org/news/secadv_20120419.txt
> 
> Remediation
> ===========
> Updated Windows installer and postinstall ZIP files for V2.4.3
> have been posted that replace the OpenSSL libraries included
> with OpenSSL V1.0.0i.
> 
> The following files (and their debug siblings) are affected:
> 
> \opt\shibboleth\bin\openssl.exe
> \opt\shibboleth\lib\libeay32_1_0_0.dll
> \opt\shibboleth\lib\ssleay32_1_0_0.dll
> 
> Deployers using other platforms should refer to their OpenSSL
> technology provider for an update.
> 
> URL for this Security Advisory:
> http://shibboleth.internet2.edu/secadv/secadv_20120419.txt

-- 
$B@>B<7r(B
$B9qN)>pJs3X8&5f=j(B TEL:03-4212-2890
# 4$B7n$+$iFb@~HV9f$,JQ$o$j$^$7$?(B

Prev by Date: [upki-fed:00459] $B9qN)>pJs3X8&5f=j%*!<%W%s%O%&%9$K$*$1$k(B$B3XG'%;%C%7%g%s$K$D$$$F!J(B6$B7n(B8$BF|(B$B!J6b!K!K(B
Next by Date: [upki-fed:00461] Re: $B%a%?%G!<%?5-:\$N>ZL@=q99?7

Previous by thread: [upki-fed:00459] $B9qN)>pJs3X8&5f=j%*!<%W%s%O%&%9$K$*$1$k(B$B3XG'%;%C%7%g%s$K$D$$$F!J(B6$B7n(B8$BF|(B$B!J6b!K!K(B
Next by thread: [upki-fed:00462] meatwiki$B$*$h$S(BGakuNin mAP$B%5!<%S%9(B$B0l;~Dd;_$N$*CN$i$;(B
Index(es):
- Date
- Thread