Tuesday, November 17, 2009

Security Update: OpenSSL

OpenSSL has been upgraded to fix security discussed on CVE-2009-3555. Along with these update, several applications gets upgraded and rebuilt (and even removed).

Here's the latest -Current changelog:
Mon Nov 16 18:56:26 UTC 2009
a/openssl-solibs-0.9.8l-i486-1.txz: Upgraded.
Disables SSL renegotiation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
(* Security fix *)

kde/mplayerthumbs-1.2-i486-2.txz: Removed.
mplayerthumbs has been merged into kdemultimedia in KDE 4.3.3.
It is recommended to reinstall kdemultimedia after removing this package.

l/seamonkey-solibs-2.0-i486-3.txz: Rebuilt.

n/nn-6.7.3-i486-3.txz: Rebuilt.
Patched to retrieve hostname from /etc/HOSTNAME, use gpg rather than pgp, and to use correct sizeof(long) depending on the system architecture.
Thanks to Aaron W. Hsu.

n/openssl-0.9.8l-i486-1.txz: Upgraded.
Disables SSL renegotiation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
(* Security fix *)

xap/seamonkey-2.0-i486-3.txz: Rebuilt.
Restored header files needed to build vlc and other programs.