similar to: Re: [CentOS-announce] Impact of the Debian OpenSSL vulnerability

A severe vulnerability was found in the random number generator (RNG) of the Debian OpenSSL package, starting with version 0.9.8c-1 (and similar packages in derived distributions such as Ubuntu). While this bug is not present in the OpenSSL packages provided by CentOS, it may still affect CentOS users. The bug barred the OpenSSL random number generator from gaining enough entropy required for

Ralph Angenendt <ra+centos at br-online.de> wrote: >> I don't think the OpenSSH devels really do care about that - there is no discussion whatsoever on the secureshell list or on the devel list. No idea about our upstream, but I don't think so either. << Correct: all that needs to be said was said years ago, by Dr. Robert E. Coveyou, of Oak Ridge National Laboratory

I have used fetchmail/procmail/postfix/dovecot/kmail for some time on my mail server, and have set this up on three or four machines in the past. I'm now setting up a new server and having problems. I've reached the thinking-in-circles stage, so need a prompt. The box in question is called borg2.lydgate.lan, and resides at 192.168.0.40. I can ping both borg2.lydgate.lan and

I've just signed a bunch of keys using the caff tools. A few minutes ago they started bouncing back at me, with the above error. Received: by anne-wireless.lydgate.net (Postfix, from userid 500) id CA4B230EF7; Wed, 20 Aug 2008 11:15:39 +0100 (BST) MIME-Version: 1.0 Subject: Your signed PGP key 0x2C4F325BFF906D62 User-Agent: caff 0.0.0.309 - http://pgp-tools.alioth.debian.org/

My daughter needs to send me a large file. It appears that it is getting through my ISP, but being rejected on my CentOS mail server. The message she's getting says A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: anne at localhost SMTP error: 552 5.3.4 Message size exceeds fixed limit

On Thursday 09 Jun 2005 18:09, you wrote: > Tell me everything you can about your setup This is a small home LAN - two boxes running Mandriva 2005LE, four assorted windows boxes and one box running Mandrake 10.0, with samba giving file and print services to the rest. The box called 'david' is the samba client that is my workhorse, and on which I am seeing the problem (although it

https://bugzilla.mindrot.org/show_bug.cgi?id=1469 Summary: Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576) Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

In my blacklist I have: database show ... /blacklist/Manitoba : advertising ... [incoming] ; First, lets take care of telemarketers exten => 4,1,GotoIf(${BLACKLIST()}?blacklisted,s,1) exten => 4,n,Set(goaway=${CALLERID(number):0:2}) exten => 4,n,GotoIf($["${goaway}" = "V4" ]?blacklisted,s,1) exten => 4,n,GotoIf($["${goaway}" = "V3"

Can someone refresh my memory how to backlist caller ID in asterisk 1.8? I had it working in ver. 1.4 but in 1.8 it changed. -- Joseph

Is it true that (dynamic) binaries are vulnerable if and only if they are linked with libssl.so.3, not with libcrypt or libcrypto? Thanks for your help. Andrew.

http://www.cert.org/advisories/CA-2002-27.html -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net

Are there any portions of OpenSSH which utilize vulnerable parts of OpenSSL? I need to know if recompiling against 0.9.6e is necessary. --Eric

We have OpenSSH built against a static version of the OpenSSL library. Do the recent OpenSSL vulnerabilities necessitate a rebuild of OpenSSH? http://www.openssl.org/news/secadv_20030930.txt >From the description of the four bugs, I'm inclined to think not. -- albert chin (china at thewrittenword.com)

Hello. FYI a very serious OpenSSL flaw was made public today. It has implications for existing OpenSSL key material though no direct impact on OpenSSH. For those interested, here's a good description: http://heartbleed.com/ --mancha -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not

Dear openssh developers, can you please check, whether the vulnerability of openSSL (CVE-2014-0224): http://www.openssl.org/news/secadv_20140605.txt openssh affects? Many thanks Van Cu Truong Tel.: +49 (211) 399 33598 Mobile: +49 (163) 1651728 cu.truongl at atos.net<mailto:cu.truongl at atos.net> Otto-Hahn-Ring 6 81739 M?nchen, Deutschland de.atos.net

Centos 5 is not affected by this bug, so fix is not available. Eero 31.3.2015 9.48 ap. kirjoitti "Venkateswara Rao Dokku" <dvrao.584 at gmail.com>: > Hi All, > > I wanted to fix the openssl vulnerabilities (CVE-2014-3569, CVE-2014-3570, > CVE-2014-3571, CVE-2014-3572) in my CentOS 5.5 and found out that 0.9.8zd > has the fixes I am looking for (from the >

On Fri, May 30, 2014 at 1:53 AM, Evgeniy Stepanov <eugeni.stepanov at gmail.com > wrote: > On Fri, May 30, 2014 at 12:41 AM, Alexey Samsonov <vonosmas at gmail.com> > wrote: > > Hi, > > > > I consider reducing the usage of blacklist in sanitizer instrumentation > > passes and doing the necessary work in frontend (Clang) instead. > > > > Some

Hi, I'm currently at CentOS 5.8. I'm using openssl version openssl-0.9.8e-22.el5. The following vulnerability was reported by a Nessus security scan: "SSL/ TLS Renegotion Handshakes MiTm Plaintext Data Injection" As per following link, Redhat has introduced openssl-0.9.8m which fixes this specific issue:

Hi All, I wanted to fix the openssl vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572) in my CentOS 5.5 and found out that 0.9.8zd has the fixes I am looking for (from the https://www.openssl.org/news/vulnerabilities.html link). But, When I tried to find the openssl-0.9.8zd rpm package, I did not find it in http://mirror.centos.org/centos/5/updates/x86_64/RPMS/. The

Hi, I consider reducing the usage of blacklist in sanitizer instrumentation passes and doing the necessary work in frontend (Clang) instead. Some of it is already implemented: e.g. Clang will attach an attribute "sanitize_address" to function definition only if this function is not blacklisted. In this case we won't instrument the memory accesses in this function in ASan