[Vms.sig-hu] FW: [ANNOUNCEMENT] Secure Web Server Security Patch kits
are available for download (fwd)
Fodor Zsuzsa
fodor31 at freemail.hu
2004. Jan. 15., Cs, 10:43:29 CET
[ANNOUNCEMENT] Secure Web Server for OpenVMS Security Patch Kits
Security patch kits for Secure Web Server for OpenVMS version 1.2 and
1.3 are available for download from
http://h71000.www7.hp.com/openvms/products/ips/apache/csws_patc
hes.html:
CSWS13_UPDATE V4.0
CSWS12_UPDATE V7.0
These kits contain fixes for the following OpenSSL vulnerabilities:
OpenSSL vulnerabilities: ASN.1 vulnerbailities
(CERT advisory CA-2003-26, CVE advisories CAN-2003-0543,
CAN-2003-0544, CAN-2003-0545)
The OpenSSL library included in this kit contains OpenSSL
version 0.9.6g with the above patches.
For additional information, see:
http://www.openssl.org/news/secadv_20030930.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
http://www.cert.org/advisories/CA-2003-26.html
Rick Barry
Hewlett Packard Company Secure Web Server Project Team
110 Spit Brook Road OpenVMS System Software Group
Nashua, NH 03062 Business Critical Server Group
(603) 884-0634
További információk a(z) VMS.SIG-hu levelezőlistáról