[SSA:2024-199-01] openssl
New openssl packages are available for Slackware 15.0 and -current to
fix security issues.
Here are the details from the Slackware 15.0 ChangeLog
patches/packages/openssl-1.1.1za-i586-1_slack15.0.txz: Upgraded.
Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
were only available to subscribers to OpenSSL's premium extended support.
These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
The reported version number has been updated so that vulnerability scanners
calm down. All of these issues were considered to be of low severity.
Thanks to Ken Zalewski for the patches!
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-5678
https://www.cve.org/CVERecord?id=CVE-2024-0727
https://www.cve.org/CVERecord?id=CVE-2024-2511
https://www.cve.org/CVERecord?id=CVE-2024-4741
https://www.cve.org/CVERecord?id=CVE-2024-5535
(* Security fix *)
patches/packages/openssl-solibs-1.1.1za-i586-1_slack15.0.txz: Upgraded.
Where to find the new packages
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-1.1.1za-i586-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssl-solibs-1.1.1za-i586-1_slack15.0.txz
Updated packages for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-1.1.1za-x86_64-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssl-solibs-1.1.1za-x86_64-1_slack15.0.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl11-solibs-1.1.1za-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl11-1.1.1za-i586-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl11-solibs-1.1.1za-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl11-1.1.1za-x86_64-1.txz
MD5 signatures
Slackware 15.0 packages:
17a7499e8c2dd1050edf5727e39fcb8a openssl-1.1.1za-i586-1_slack15.0.txz
b3a247626d8822a9bee0890f88bc675c openssl-solibs-1.1.1za-i586-1_slack15.0.txz
Slackware x86_64 15.0 packages:
745b28ea0b2aa0f47783d26aa68c20df openssl-1.1.1za-x86_64-1_slack15.0.txz
1af41bae8d09023bb3ceeb8711a057d8 openssl-solibs-1.1.1za-x86_64-1_slack15.0.txz
Slackware -current packages:
a074c2d960c70836a6d5cbe27d34bd7c a/openssl11-solibs-1.1.1za-i586-1.txz
6ab87d351559e2a1fe859de508c6925a n/openssl11-1.1.1za-i586-1.txz
Slackware x86_64 -current packages:
7a4ce9d3e3c250d91981f7149d2deb9d a/openssl11-solibs-1.1.1za-x86_64-1.txz
cd7509e6d6138daf5480a2936d759b75 n/openssl11-1.1.1za-x86_64-1.txz
Installation instructions
Upgrade the packages as root:
# upgradepkg openssl-1.1.1za-i586-1_slack15.0.txz openssl-solibs-1.1.1za-i586-1_slack15.0.txz
- ID
- SSA:2024-199-01
- Severity
- critical
- Severity from
- CVE-2024-5535
- URL
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.462281
- Published
-
2024-07-17T19:35:44
(2 months ago) - Modified
-
2024-07-17T19:35:44
(2 months ago) - Rights
- Slackware Linux Security Team
- Other Advisories
-
-
ALAS-2023-1891
-
ALAS2-2023-2350
-
ALAS2-2023-2351
-
ALAS2-2024-2478
-
ALAS2-2024-2479
-
ALAS2-2024-2483
-
ALAS2-2024-2502
-
ALAS2-2024-2539
-
ALAS2-2024-2564
-
ALAS2-2024-2591
-
ALAS2-2024-2604
-
ALAS2-2024-2621
-
ALPINE:CVE-2023-5678
-
ALPINE:CVE-2024-0727
-
ALPINE:CVE-2024-2511
-
ALPINE:CVE-2024-4741
-
ALPINE:CVE-2024-5535
-
ALSA-2023:7877
-
ALSA-2024:2447
-
ELSA-2023-7877
-
ELSA-2024-12056
-
ELSA-2024-2447
-
FREEBSD:10DEE731-C069-11EE-9190-84A93843EB75
-
FREEBSD:21F505F4-6A1C-11EF-B611-84A93843EB75
-
FREEBSD:73A697D7-1D0F-11EF-A490-84A93843EB75
-
FREEBSD:7C217849-F7D7-11EE-A490-84A93843EB75
-
FREEBSD:A5956603-7E4F-11EE-9DF6-84A93843EB75
-
RHSA-2023:7877
-
RHSA-2024:2447
-
SUSE-SU-2023:4488-1
-
SUSE-SU-2023:4489-1
-
SUSE-SU-2023:4518-1
-
SUSE-SU-2023:4519-1
-
SUSE-SU-2023:4520-1
-
SUSE-SU-2023:4521-1
-
SUSE-SU-2023:4522-1
-
SUSE-SU-2023:4523-1
-
SUSE-SU-2023:4524-1
-
SUSE-SU-2023:4593-1
-
SUSE-SU-2023:4635-1
-
SUSE-SU-2023:4649-1
-
SUSE-SU-2023:4918-1
-
SUSE-SU-2023:4919-1
-
SUSE-SU-2024:0518-1
-
SUSE-SU-2024:0549-1
-
SUSE-SU-2024:0813-1
-
SUSE-SU-2024:0814-1
-
SUSE-SU-2024:0815-1
-
SUSE-SU-2024:0831-1
-
SUSE-SU-2024:0832-1
-
SUSE-SU-2024:0833-1
-
SUSE-SU-2024:0840-1
-
SUSE-SU-2024:0841-1
-
SUSE-SU-2024:0842-1
-
SUSE-SU-2024:1633-1
-
SUSE-SU-2024:1634-1
-
SUSE-SU-2024:1808-1
-
SUSE-SU-2024:1947-1
-
SUSE-SU-2024:1949-1
-
SUSE-SU-2024:2020-1
-
SUSE-SU-2024:2035-1
-
SUSE-SU-2024:2036-1
-
SUSE-SU-2024:2051-1
-
SUSE-SU-2024:2051-2
-
SUSE-SU-2024:2059-1
-
SUSE-SU-2024:2066-1
-
SUSE-SU-2024:2088-1
-
SUSE-SU-2024:2089-1
-
SUSE-SU-2024:2197-1
-
SUSE-SU-2024:2271-1
-
SUSE-SU-2024:2635-1
-
SUSE-SU-2024:2761-1
-
SUSE-SU-2024:2891-1
-
SUSE-SU-2024:2909-1
-
SUSE-SU-2024:2927-1
-
SUSE-SU-2024:2931-1
-
SUSE-SU-2024:2933-1
-
SUSE-SU-2024:2953-1
-
SUSE-SU-2024:2989-1
-
SUSE-SU-2024:2991-1
-
SUSE-SU-2024:3019-1
-
SUSE-SU-2024:3119-1
-
USN-6622-1
-
USN-6632-1
-
USN-6709-1
-
USN-6937-1
-
USN-7018-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:slackbuild/slackware/openssl?arch=x86_64&distro=slackware64-15.0 | slackware |
 openssl
|
< 1.1.1za | slackware64-15.0 | x86_64 | |
| Affected | pkg:slackbuild/slackware/openssl?arch=i586&distro=slackware-15.0 | slackware |
openssl
|
< 1.1.1za | slackware-15.0 | i586 | |
| Affected | pkg:slackbuild/slackware/openssl11?arch=x86_64&distro=slackware64-current | slackware |
openssl11
|
< 1.1.1za | slackware64-current | x86_64 | |
| Affected | pkg:slackbuild/slackware/openssl11?arch=i586&distro=slackware-current | slackware |
openssl11
|
< 1.1.1za | slackware-current | i586 | |
| Affected | pkg:slackbuild/slackware/openssl11-solibs?arch=x86_64&distro=slackware64-current | slackware |
openssl11-solibs
|
< 1.1.1za | slackware64-current | x86_64 | |
| Affected | pkg:slackbuild/slackware/openssl11-solibs?arch=i586&distro=slackware-current | slackware |
openssl11-solibs
|
< 1.1.1za | slackware-current | i586 | |
| Affected | pkg:slackbuild/slackware/openssl-solibs?arch=x86_64&distro=slackware64-15.0 | slackware |
openssl-solibs
|
< 1.1.1za | slackware64-15.0 | x86_64 | |
| Affected | pkg:slackbuild/slackware/openssl-solibs?arch=i586&distro=slackware-15.0 | slackware |
openssl-solibs
|
< 1.1.1za | slackware-15.0 | i586 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |