11.5 C
London
Sunday, October 22, 2017

RHSA-2014:0627-1: Important: openssl security update

Red Hat Enterprise Linux ELS (v. 4) SRPMS: openssl-0.9.7a-43.22.el4.src.rpm     MD5: 17bf6c1b899425a7d8b4c81210c51efaSHA-256: 3641f7f41c2c2b6710338c694a63381626c2b7f75d66e8cae549eff7e81e1825   IA-32: openssl-0.9.7a-43.22.el4.i386.rpm     MD5: 49b1bf276a6e037611fc81c1a1c8f938SHA-256: 37c62f3bd62d671ff02f58662304c15ef15c8962b3bf2538a71da3a5ddb8bbb0 openssl-0.9.7a-43.22.el4.i686.rpm     MD5: 20f0c8b58cfa7332babdc60db589e8b2SHA-256: e0b0bf36e912930a5644016678daffe19d31e6839fbb2bc30baca6fc0ed98095 openssl-devel-0.9.7a-43.22.el4.i386.rpm     MD5: 0a17808ae85a4f668be256d13427cdc4SHA-256: 57d787d56b4e6751edfdf84d1a43d459a3f7d01f9e836b0d817a909935b3a6b2 openssl-perl-0.9.7a-43.22.el4.i386.rpm     MD5: 18f2d015efe54cf029fcbf282410eb16SHA-256: 964e754547b8ae3a3448f4d5b12097bc6cf600b466f787f6361471172849dd73   IA-64: openssl-0.9.7a-43.22.el4.i686.rpm     MD5: 20f0c8b58cfa7332babdc60db589e8b2SHA-256: e0b0bf36e912930a5644016678daffe19d31e6839fbb2bc30baca6fc0ed98095 openssl-0.9.7a-43.22.el4.ia64.rpm     MD5: 54955c45c253c898d41eec037aedd13bSHA-256: 5c2be75e05606a8884ea68e588ee7732e26d5dbbf20d513b7a2c522841577e4f openssl-devel-0.9.7a-43.22.el4.ia64.rpm     MD5: 76f548bd5ac042ad71c33a1281917686SHA-256: cae3dd37f31861a47f9b524042e0643eb09cf71590ced4d8bad5e68e12e59b7f openssl-perl-0.9.7a-43.22.el4.ia64.rpm     MD5: 3dcc46b4e10379045865b941e705eda4SHA-256: 3b9af076a586a6b85521cbc53ce3be255e9de03e42be188aec6eedc12b2f0c60   x86_64: openssl-0.9.7a-43.22.el4.i686.rpm     MD5: 20f0c8b58cfa7332babdc60db589e8b2SHA-256: e0b0bf36e912930a5644016678daffe19d31e6839fbb2bc30baca6fc0ed98095 openssl-0.9.7a-43.22.el4.x86_64.rpm     MD5: 60f2e587ed45524b5fb65e71321a25d9SHA-256: 406501cf98618b71c69595eaaf20701eeb8f7447923fa0463ddba4ca5b083453 openssl-devel-0.9.7a-43.22.el4.i386.rpm     MD5: 0a17808ae85a4f668be256d13427cdc4SHA-256: 57d787d56b4e6751edfdf84d1a43d459a3f7d01f9e836b0d817a909935b3a6b2 openssl-devel-0.9.7a-43.22.el4.x86_64.rpm     MD5: 5c679f2fb2df78b0754291458d959936SHA-256: 26152b4a70f24a8b07696cd7f46864f119fc9632df299270200900a052f579e0 openssl-perl-0.9.7a-43.22.el4.x86_64.rpm     MD5: a7a110f62ba2cf01177ea984303ac5aaSHA-256: 7ad832a902b8ab9ddb2b28b767b9eff53e8162462a818edd4c988f4c991cdf68   Red Hat Enterprise Linux EUS (v. 5.9.z server) SRPMS: openssl-0.9.8e-26.el5_9.4.src.rpm     MD5: c192647e844cd6568580f9b0efac330fSHA-256: 7894cf1b7ee880433afbf147b532bdee488ee18477275ba9dd20df8ec90cbbb1   IA-32: openssl-0.9.8e-26.el5_9.4.i386.rpm     MD5: 066fa7c6a5e45d13ebd0b21f3ce0f5a3SHA-256: 9ed34f5722ea42f4ea054e75e05b6df8602fc0f8d72422289861370fb82c5e77 openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm     MD5: 6a06635d007a39bf3e2ca7d8dd237471SHA-256: 59a5422b46a7900e2960985fc37de505aa8f3ab28f19f82427723bf03d26bf24 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-devel-0.9.8e-26.el5_9.4.i386.rpm     MD5: ccbe59538439a8d2bbc6797f3fd72d6dSHA-256: 238c6a419e8be6768204d5527fdf0e591722a6581ef51bc8f6ac917d60415be5 openssl-perl-0.9.8e-26.el5_9.4.i386.rpm     MD5: 062ff7cc47f7802c785847c7758b1cfaSHA-256: cb7e3752892d116c54d77eadf5c56c94bb06f7aa3be235f6759f09182d718236   IA-64: openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 0b9197b3d685a2df84916689d9eaedbaSHA-256: a91999ee0050688b5a9e57d1a9771d5496c38a658b02acc66fabc6548d8898b1 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-debuginfo-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 19c7daa2f1997d99a8caef666fe8e3b1SHA-256: 8325dbf3a0ac8b1d6e7e8d00fd0de840dc46065314e0678476e180a4413bf05d openssl-devel-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 4e0bccd1bf67b9f90be2dda1f01176d3SHA-256: a8a6f8ce8b6efbece19cfdf7c40198a76e8fa98b398b402588233f93149cd4ed openssl-perl-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 895184ab41bb17ed91336ff90a27cd70SHA-256: 69528632d2cdeae148c09e3289d4e5842e9d00f0643aaeb588a9ed422e392d5c   PPC: openssl-0.9.8e-26.el5_9.4.ppc.rpm     MD5: b819636061356bac503c66d74a449f0aSHA-256: 01da6b4fa0045f4355151023f366b241c78706d8e79a5dd19577fe047293469c openssl-0.9.8e-26.el5_9.4.ppc64.rpm     MD5: eb1e0b2f302d2fba770990603c283582SHA-256: 816c186c02759bf79f981eb777ff6153a5ceecec4bb0bdb133e40522a05652ee openssl-debuginfo-0.9.8e-26.el5_9.4.ppc.rpm     MD5: b6fe38dc56599195e7c6e393f9994891SHA-256: 83979edaea50c5dd27f45a0d73bed8485a5d0402707d43f6b27d1ac49c3efa06 openssl-debuginfo-0.9.8e-26.el5_9.4.ppc64.rpm     MD5: d77fdd620367aa32e345b713c28692d9SHA-256: 224f8b31b8852faff3ad0445efaffed97118945cca205e40bee9907e4e953f4e openssl-devel-0.9.8e-26.el5_9.4.ppc.rpm     MD5: befb2614dba501f2e06fc4e3bee70825SHA-256: e738fd5451f14f6a8518d93f3c5d120d1a8465997cfcbef856988901e5c59716 openssl-devel-0.9.8e-26.el5_9.4.ppc64.rpm     MD5: 2b122d8918e8598ea4c1c80b99bc9eb4SHA-256: dc4f8a8ac711d65e3bd4287497094edf239e14671f5e741ec7114753487bbe6e openssl-perl-0.9.8e-26.el5_9.4.ppc.rpm     MD5: ec25c5625c418cb23fd590100e33c7abSHA-256: 4de89889f609d54d5051c7c2497024fa0f1cd348f93900c316e0e04c6774bf04   s390x: openssl-0.9.8e-26.el5_9.4.s390.rpm     MD5: 29518651d28522e2baced0a526c76f73SHA-256: 66d165a377b9c5836a4cccb920fed191423e065893d7bbf180a2b192332b0ea2 openssl-0.9.8e-26.el5_9.4.s390x.rpm     MD5: 1af98abcf8c17965cc069c1d0e745b12SHA-256: 8215cf783fa04f7fe50a97ccdd38aca925342c983cc0453d6bcc9bc4633a6a63 openssl-debuginfo-0.9.8e-26.el5_9.4.s390.rpm     MD5: 967bdcf7b4a2efeb73d001dd5b834731SHA-256: 65ef47ef5459f157d652d20cc29ad00030520d725432c56418138238a5a4e808 openssl-debuginfo-0.9.8e-26.el5_9.4.s390x.rpm     MD5: 12e2a57abb5580784ed9873da4ec0064SHA-256: 33d0223ddea18776b9a7f5f5cadf0a6b0a89de1955594f1129b633308f5807c4 openssl-devel-0.9.8e-26.el5_9.4.s390.rpm     MD5: 6dfce295435cc794185f39a1adf6cf19SHA-256: fec89120643d4263e192f326aea910f7bf39267c33d43f745daa6d0d79447215 openssl-devel-0.9.8e-26.el5_9.4.s390x.rpm     MD5: cee37c30179d425f05e71d095a4c8e98SHA-256: b3399e8d1ea1baacef55ed14b3b5603a43728c791afcf3c7ce2806e9976c582f openssl-perl-0.9.8e-26.el5_9.4.s390x.rpm     MD5: 06dba30adb3f9884f407cba0fb0bd611SHA-256: 3d44b3ec760cd7ea9247cfb3476d573146c55bd9095398a40992b80ad9f5cc8c   x86_64: openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: 4c9eb6b24c5db216c48f9ef5540b7dcaSHA-256: a8814431614f2d8356d199e14cc84615936b1ab206ceed2d43c90f7775495d44 openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm     MD5: 6a06635d007a39bf3e2ca7d8dd237471SHA-256: 59a5422b46a7900e2960985fc37de505aa8f3ab28f19f82427723bf03d26bf24 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-debuginfo-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: 5ac27eb9bdea6f7501b4d794571acca6SHA-256: d31c7aa08d1d4d39aa7d691ae2904bce4b0beccce0c23b634a01c421ce429488 openssl-devel-0.9.8e-26.el5_9.4.i386.rpm     MD5: ccbe59538439a8d2bbc6797f3fd72d6dSHA-256: 238c6a419e8be6768204d5527fdf0e591722a6581ef51bc8f6ac917d60415be5 openssl-devel-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: c7d3bec0d7ff105314a12c5a5be29e8fSHA-256: 9cb74c050f8b7509d005bff73182c3cf76feff56bdffd6c5bcc47ed0dbfbcf2b openssl-perl-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: d5069c1f38a24f7450a86efbfc16c589SHA-256: f327a0d8bd96f74b0aeb4274cf53251135588394d5be162b04147b5423aa3ac7   Red Hat Enterprise Linux Long Life (v. 5.6 server) SRPMS: openssl-0.9.8e-12.el5_6.12.src.rpm     MD5: 8186016da3c825714e1d8763e85a2bffSHA-256: 9d934ff4e1a26cbe617791edd91aeb5beaa510d356912f4463d9558bf9b23095   IA-32: openssl-0.9.8e-12.el5_6.12.i386.rpm     MD5: 46ad2a85dfdbf2fc46cef83591d0d846SHA-256: 14f744ad6f7309770cc4b4543a9438329cb42e4a59aa67d5261cb1c49bd728c2 openssl-0.9.8e-12.el5_6.12.i686.rpm     MD5: 66c87112d918225092032c8e3e35f279SHA-256: a3601888ab5fd5b6c6d0bbd97bcdbf4a1fd060504f2a4e750a3f850a44e0e811 openssl-debuginfo-0.9.8e-12.el5_6.12.i386.rpm     MD5: 0ae0504d55116bfb45de89b2dcec0e4cSHA-256: 5a07ea57caf28ee10184a91b3000d586b7881cf567db0db223511e2a765ffef4 openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm     MD5: 1007c868f5c6a2a5ffb85d8d08def870SHA-256: eb2e16c1f52ea26255ec356a05d9758836342570ae10141d19ddf7b36fe4204f openssl-devel-0.9.8e-12.el5_6.12.i386.rpm     MD5: dda73af3a8ede8345b4a6e4179d08f05SHA-256: d40de31ea4b66489f6a0e82a6fa7c8e72313e78de85ba59c2f0fff4201f0afbf openssl-perl-0.9.8e-12.el5_6.12.i386.rpm     MD5: 060e7f0cde0fce7d61b96abf0b9698f1SHA-256: 863880c6a1c62bca4b7a23b6bdf5547a7c15e513f0a547d7c20362c4ed9ecb65   IA-64: openssl-0.9.8e-12.el5_6.12.i686.rpm     MD5: 66c87112d918225092032c8e3e35f279SHA-256: a3601888ab5fd5b6c6d0bbd97bcdbf4a1fd060504f2a4e750a3f850a44e0e811 openssl-0.9.8e-12.el5_6.12.ia64.rpm     MD5: 473c25bdba731262658652ccb17607c8SHA-256: 029a8600ddb26b0a000c83f5a37e6033d7574eaabdab209977e5218bf83d3ab9 openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm     MD5: 1007c868f5c6a2a5ffb85d8d08def870SHA-256: eb2e16c1f52ea26255ec356a05d9758836342570ae10141d19ddf7b36fe4204f openssl-debuginfo-0.9.8e-12.el5_6.12.ia64.rpm     MD5: aba1dc84c19da04b0d11025fb6fd4dddSHA-256: eb3fe9e2b9c0b0a69065cf33bbd717de45ed99fc45697185ca53cc44f1b11838 openssl-devel-0.9.8e-12.el5_6.12.ia64.rpm     MD5: 4d3d40fe0b8cdca110117d4d252c6c99SHA-256: 38524ed521f29ffa0596c2d7dce7191f1d82b21b87de6ebd1c34654d08d2add6 openssl-perl-0.9.8e-12.el5_6.12.ia64.rpm     MD5: b4ce0d145c1ab98b01344e1186340391SHA-256: e53d900894bac33442c835e7c1dc8e340a12b98cbed8cf5e14c8383c82ce85d2   x86_64: openssl-0.9.8e-12.el5_6.12.i686.rpm     MD5: 66c87112d918225092032c8e3e35f279SHA-256: a3601888ab5fd5b6c6d0bbd97bcdbf4a1fd060504f2a4e750a3f850a44e0e811 openssl-0.9.8e-12.el5_6.12.x86_64.rpm     MD5: fb75e518cdcddaf9a5d0d59339209c1aSHA-256: 99178bd5c8dfaa3c3bd5b9994ef70f5bab913cbb073a8f4d497caada3d0366ce openssl-debuginfo-0.9.8e-12.el5_6.12.i386.rpm     MD5: 0ae0504d55116bfb45de89b2dcec0e4cSHA-256: 5a07ea57caf28ee10184a91b3000d586b7881cf567db0db223511e2a765ffef4 openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm     MD5: 1007c868f5c6a2a5ffb85d8d08def870SHA-256: eb2e16c1f52ea26255ec356a05d9758836342570ae10141d19ddf7b36fe4204f openssl-debuginfo-0.9.8e-12.el5_6.12.x86_64.rpm     MD5: 630061f264250904a5ae81b72e831a1eSHA-256: cf3064598ac1808756b9e9a20a0a8a5e543e8792f0934f49640a9c159c20c7df openssl-devel-0.9.8e-12.el5_6.12.i386.rpm     MD5: dda73af3a8ede8345b4a6e4179d08f05SHA-256: d40de31ea4b66489f6a0e82a6fa7c8e72313e78de85ba59c2f0fff4201f0afbf openssl-devel-0.9.8e-12.el5_6.12.x86_64.rpm     MD5: cc97acd13d66f98a2c71d886c977d95bSHA-256: e7bdb053ea8ee188ef3939afc4ab0082c2ab8ea0097a9d2bd078f3facc3b8add openssl-perl-0.9.8e-12.el5_6.12.x86_64.rpm     MD5: 8bef660cd13942449cebcc124fe12859SHA-256: dd6ebf61422be0d30965b20f97503eb16ad47d4d5cbc4c7be26c462019791cbc   Red Hat Enterprise Linux Long Life (v. 5.9 server) SRPMS: openssl-0.9.8e-26.el5_9.4.src.rpm     MD5: c192647e844cd6568580f9b0efac330fSHA-256: 7894cf1b7ee880433afbf147b532bdee488ee18477275ba9dd20df8ec90cbbb1   IA-32: openssl-0.9.8e-26.el5_9.4.i386.rpm     MD5: 066fa7c6a5e45d13ebd0b21f3ce0f5a3SHA-256: 9ed34f5722ea42f4ea054e75e05b6df8602fc0f8d72422289861370fb82c5e77 openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm     MD5: 6a06635d007a39bf3e2ca7d8dd237471SHA-256: 59a5422b46a7900e2960985fc37de505aa8f3ab28f19f82427723bf03d26bf24 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-devel-0.9.8e-26.el5_9.4.i386.rpm     MD5: ccbe59538439a8d2bbc6797f3fd72d6dSHA-256: 238c6a419e8be6768204d5527fdf0e591722a6581ef51bc8f6ac917d60415be5 openssl-perl-0.9.8e-26.el5_9.4.i386.rpm     MD5: 062ff7cc47f7802c785847c7758b1cfaSHA-256: cb7e3752892d116c54d77eadf5c56c94bb06f7aa3be235f6759f09182d718236   IA-64: openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 0b9197b3d685a2df84916689d9eaedbaSHA-256: a91999ee0050688b5a9e57d1a9771d5496c38a658b02acc66fabc6548d8898b1 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-debuginfo-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 19c7daa2f1997d99a8caef666fe8e3b1SHA-256: 8325dbf3a0ac8b1d6e7e8d00fd0de840dc46065314e0678476e180a4413bf05d openssl-devel-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 4e0bccd1bf67b9f90be2dda1f01176d3SHA-256: a8a6f8ce8b6efbece19cfdf7c40198a76e8fa98b398b402588233f93149cd4ed openssl-perl-0.9.8e-26.el5_9.4.ia64.rpm     MD5: 895184ab41bb17ed91336ff90a27cd70SHA-256: 69528632d2cdeae148c09e3289d4e5842e9d00f0643aaeb588a9ed422e392d5c   x86_64: openssl-0.9.8e-26.el5_9.4.i686.rpm     MD5: 971a1686558768ab4f3d742064179625SHA-256: cdc7d1e1408cb5616ced42247bb70e40ec5f8b98667420f15fa04349607eb334 openssl-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: 4c9eb6b24c5db216c48f9ef5540b7dcaSHA-256: a8814431614f2d8356d199e14cc84615936b1ab206ceed2d43c90f7775495d44 openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm     MD5: 6a06635d007a39bf3e2ca7d8dd237471SHA-256: 59a5422b46a7900e2960985fc37de505aa8f3ab28f19f82427723bf03d26bf24 openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm     MD5: 83bab61f09ff15d3b38ef3f7d45dbbaeSHA-256: 2d459537da138f3a5404d34105104c4c1957b36b780b1fbcb7786864830be89c openssl-debuginfo-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: 5ac27eb9bdea6f7501b4d794571acca6SHA-256: d31c7aa08d1d4d39aa7d691ae2904bce4b0beccce0c23b634a01c421ce429488 openssl-devel-0.9.8e-26.el5_9.4.i386.rpm     MD5: ccbe59538439a8d2bbc6797f3fd72d6dSHA-256: 238c6a419e8be6768204d5527fdf0e591722a6581ef51bc8f6ac917d60415be5 openssl-devel-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: c7d3bec0d7ff105314a12c5a5be29e8fSHA-256: 9cb74c050f8b7509d005bff73182c3cf76feff56bdffd6c5bcc47ed0dbfbcf2b openssl-perl-0.9.8e-26.el5_9.4.x86_64.rpm     MD5: d5069c1f38a24f7450a86efbfc16c589SHA-256: f327a0d8bd96f74b0aeb4274cf53251135588394d5be162b04147b5423aa3ac7   Red Hat Enterprise Linux Server AUS (v. 6.2) SRPMS: openssl-1.0.0-20.el6_2.7.src.rpm     MD5: 51fd0069ef47db0533bdf4ad1981172cSHA-256: 8e48cfdc5d6dee447bf39af3b618bd4bb9cfd3efc8f858cf53b80147d4d65ef8   x86_64: openssl-1.0.0-20.el6_2.7.i686.rpm     MD5: baf87bdbb6aafc37002ec3cbc0467c60SHA-256: d1e9f688ccdfeb1fec1810a169504a26c4692ec011130fbdd3f64389f38ca99c openssl-1.0.0-20.el6_2.7.x86_64.rpm     MD5: 3b41b95d0969aba9d0a25caa2ace516cSHA-256: 06251116b90e9972e7aec8add4922482c344aa1e0cf037e4d4abc42e2f54b48d openssl-debuginfo-1.0.0-20.el6_2.7.i686.rpm     MD5: 5a87f716f11a4f1dd22f31ab403bfaf2SHA-256: fed4f39adbf23268afed4ab9f83db18771c017c20db0d8a9b4da8cce1eae07f5 openssl-debuginfo-1.0.0-20.el6_2.7.x86_64.rpm     MD5: 0a2af3aa2d25ebdba1f7523cfe38aea8SHA-256: 82bae1e7d79c13f1f34e99529efa08edbc9830048d808e0ae549811bdafc5a58 openssl-devel-1.0.0-20.el6_2.7.i686.rpm     MD5: ce7cdb08734edf789dc26ede47aabeddSHA-256: 1d4cc9a9c40dd6eed9b6742c53ecd251b71ffd8d11c0ec13235c1a1ae12b17f9 openssl-devel-1.0.0-20.el6_2.7.x86_64.rpm     MD5: 78bcc4b2cc25bce6bb294c509ef99932SHA-256: 6ec1ca1256462c754ea6d84fd9f02ef08ddbf30b020f57e1c0682fd360d5319b openssl-perl-1.0.0-20.el6_2.7.x86_64.rpm     MD5: 46967222403ba2645595306543f71f13SHA-256: 1184604633478a1f0299d03c0133ac2e4376a22e93b96183b259f2758eddf756 openssl-static-1.0.0-20.el6_2.7.x86_64.rpm     MD5: b2e0a4fe4b1538e7df2049fc705460dcSHA-256: 5187328409bd7f877ded37c27673647394a11415bf0cf2468dedca83d723cb87   Red Hat Enterprise Linux Server AUS (v. 6.4) SRPMS: openssl-1.0.0-27.el6_4.4.src.rpm     MD5: 61fca093d91d78f58d0167cdea1ff986SHA-256: 80db822460fd4090d9be49f478c695c7e632070046c5b15cb201efb65dfcc758   x86_64: openssl-1.0.0-27.el6_4.4.i686.rpm     MD5: 48ea4731c635100b122ea9fac93f9cddSHA-256: 0afb02b326a15ab3d23e47f84bf491af620bb41b8eba331def0acaa9a0115d04 openssl-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 9fff3a3394ca908eaf7ae2c0a67169caSHA-256: 59922f63f5e267dc259fab6316c7655de92dca5c5de5f1aeac672d3b13e12b82 openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm     MD5: e58cb39838a4f3bac020167c81f5ffe3SHA-256: 9c323a035e5ce39f2fe217a9d449dab395355829a6010ef0240a13b773a3cfc5 openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm     MD5: de1e31c6e27b7f3f6b64cd34c045f4daSHA-256: a03d9778ffd7c86ecb8c7691c1190eb1b1758f263116eed68f009a28afe7b9f5 openssl-devel-1.0.0-27.el6_4.4.i686.rpm     MD5: 57e83d040b3c3f8a073b64731281d1f5SHA-256: e11d91d6a943ed9a72337d298948cda2fd0dcab118fd1f3e57010bb862a9ae77 openssl-devel-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 47dc101ea2313a3836e694bfda2994daSHA-256: 3cb4aa653974a86503de6c40295b4a9fe5aac0fa9df981f90f6c23a468aa5471 openssl-perl-1.0.0-27.el6_4.4.x86_64.rpm     MD5: a4e0f857bd5847e596bbe15ab365d65cSHA-256: 1a52f4143e51d9017570cf6c105fc777a4479b433e23b31848465b00bec1bde4 openssl-static-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 1b43fca45d70ff90cbd98992b8180399SHA-256: d3c40252e0c0d26ce689eb19f920d3c90a85fd138675f13d789c67db248b8462   Red Hat Enterprise Linux Server EUS (v. 6.3.z) SRPMS: openssl-1.0.0-25.el6_3.3.src.rpm     MD5: 1fcf0c64146107414964db4c3d1d8fefSHA-256: 59cd24ee0fffe515fe1fcc38a905c32b8d22be323c162c81f21f05a9c9900a41   IA-32: openssl-1.0.0-25.el6_3.3.i686.rpm     MD5: 8c608c9562eefa636fa9f8f45f4d52eaSHA-256: b74b789baae9d25075ae1f8298cb06756becdb64d6746489af535a724c3d6c32 openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm     MD5: 676187d219434457314c0a693b94dfaaSHA-256: 9e9bf5524e635f2a0fcd958a9ba07654b9b8a909e00a120d955325bd8eaea21f openssl-devel-1.0.0-25.el6_3.3.i686.rpm     MD5: 00d689645063a41b9d0a29830ede6f6dSHA-256: 41d2f10916977024fc74a250c18f9b412f1fc5c2afd4b302b973846b6cf1d9c3 openssl-perl-1.0.0-25.el6_3.3.i686.rpm     MD5: 42c750ac261ef9ad0541e98e663d80d4SHA-256: 2f0457a2e78f42b252731bc676a3183e279d50f5e4c055cbc79de3e4f1d08a78 openssl-static-1.0.0-25.el6_3.3.i686.rpm     MD5: 735f0185d53a36633bf69d729e685287SHA-256: e4296d78ae4f84d168a4959deb7b806e73882adbacdca5605b1a0f5cda982332   PPC: openssl-1.0.0-25.el6_3.3.ppc.rpm     MD5: f9c1a7ef13ef3ce4f77e392512386edfSHA-256: ae0dca33a12bd5704e8808b100deff11b55f11619ba23b0438f4c3c7279c1abd openssl-1.0.0-25.el6_3.3.ppc64.rpm     MD5: e2ec4355dfa7c2ad5aa2e5d3313efe49SHA-256: 0d20e5530872b69001a20280bc665cc69c646833b49a6ee2dd157af2c1e66cba openssl-debuginfo-1.0.0-25.el6_3.3.ppc.rpm     MD5: 73bf254e1a370dbc1bcf796215905385SHA-256: edf1229187ab281bb4d4c704487d15d3d3d67a319ac5d341740068eddb03b638 openssl-debuginfo-1.0.0-25.el6_3.3.ppc64.rpm     MD5: 8efc5bf21b272794f67163a239e3ec77SHA-256: 8be9520bf93e7a78c1b57e27e41e9e867c8129fe18ecab3a9f084564e9f0c672 openssl-devel-1.0.0-25.el6_3.3.ppc.rpm     MD5: 433bdfe7e6e9f08610a9a34d2a7810e1SHA-256: e05ac7075eaa3661fb964c2bf972120ec35e27660b1193b4b8fbf382897ad61e openssl-devel-1.0.0-25.el6_3.3.ppc64.rpm     MD5: 69d3cb555590d7a0de9a7d9c3c93aa01SHA-256: da6f7ab051ee729868444114267d591fe04e2e4f907279eda58fa8fe4f00b133 openssl-perl-1.0.0-25.el6_3.3.ppc64.rpm     MD5: d8429c8707bb16c3bb8e373b55a96753SHA-256: fcd60f29afb8643413b19bb3012dda716470a3f64cbda74a548871b7121d2b62 openssl-static-1.0.0-25.el6_3.3.ppc64.rpm     MD5: 2f0ddf4516dccd3cc714e81f24e59ed3SHA-256: f5ca27b5f3e50158608b4726a0f0820a076043f2834d825eb0da20ba4e6e6f87   s390x: openssl-1.0.0-25.el6_3.3.s390.rpm     MD5: 130077ea8698efd247456d32dda4987aSHA-256: 683f89ff435cd629b55584aa165075b95be1737c6aead876e3e7f6934f8fc122 openssl-1.0.0-25.el6_3.3.s390x.rpm     MD5: 68f265e398381d86f6971a50714fd774SHA-256: 0cae6904d3d3cf6119d082753455ebb062704f5ee2238550ebe0af5eebcffe27 openssl-debuginfo-1.0.0-25.el6_3.3.s390.rpm     MD5: a4ae1338016e9d809a2a5f3921eb1c97SHA-256: e59922fd5916a97df12767261da08eacfca7b3edd71ac9fa4f5f98db104d1ced openssl-debuginfo-1.0.0-25.el6_3.3.s390x.rpm     MD5: f08467a9e41b41e8800078f4653476fcSHA-256: 9793a4a5e2667e006cfd033484672a6ad4a4ee298af415ded06dd8e28dc95574 openssl-devel-1.0.0-25.el6_3.3.s390.rpm     MD5: 528cc0182477d5045684be200697833cSHA-256: 7f680530ae67319532c6704dd15623b9cfbd3a39f39cb2c7a6641a77a10a6861 openssl-devel-1.0.0-25.el6_3.3.s390x.rpm     MD5: 676c8a6ec2f2cc53acdf879a9178ec20SHA-256: df7f6510d7e86c90c5c220a7c5091ff9e9e18ecbe462442a8d9b7231d3d7d0a7 openssl-perl-1.0.0-25.el6_3.3.s390x.rpm     MD5: b13f31ce5656fd72277153471513180cSHA-256: bb1e30a7a9930237df22a654f9d558eddfe9e71ab0562c0f1abdb0ad72d442e9 openssl-static-1.0.0-25.el6_3.3.s390x.rpm     MD5: ad4de8a678f609784f207e706e587e09SHA-256: ac455efca6280f998ee2954a7c3d095a8b076797f48d4b1ea85e9f4f74dd103f   x86_64: openssl-1.0.0-25.el6_3.3.i686.rpm     MD5: 8c608c9562eefa636fa9f8f45f4d52eaSHA-256: b74b789baae9d25075ae1f8298cb06756becdb64d6746489af535a724c3d6c32 openssl-1.0.0-25.el6_3.3.x86_64.rpm     MD5: 7eac12affd8e0facdfda4e6f3e7e7a9fSHA-256: 431b04c4a08000ba770a26bafc3f663f99eaff1fdd29a8463f7ffbf55f17b098 openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm     MD5: 676187d219434457314c0a693b94dfaaSHA-256: 9e9bf5524e635f2a0fcd958a9ba07654b9b8a909e00a120d955325bd8eaea21f openssl-debuginfo-1.0.0-25.el6_3.3.x86_64.rpm     MD5: 255d66b49ae605f82ba12f3cc7e754a2SHA-256: ed6fc78991ea63405ad16c7491600f782347c2c39c0a72df950a8bf5c1f4f663 openssl-devel-1.0.0-25.el6_3.3.i686.rpm     MD5: 00d689645063a41b9d0a29830ede6f6dSHA-256: 41d2f10916977024fc74a250c18f9b412f1fc5c2afd4b302b973846b6cf1d9c3 openssl-devel-1.0.0-25.el6_3.3.x86_64.rpm     MD5: 231097118484c9ef8d633f29d7662bfdSHA-256: 5736c7c89f6216693d47a7e9a1a1a7290fd54a89d8f96734ca14a272fbd2a233 openssl-perl-1.0.0-25.el6_3.3.x86_64.rpm     MD5: 4fd6e3d74a8565776790b0fe023db2caSHA-256: 009c24358291ef669d72c5f0e559b25150e83010bed768f9eac1fb86fea764f9 openssl-static-1.0.0-25.el6_3.3.x86_64.rpm     MD5: d0836f59b810527a01fcf5b18c50727dSHA-256: 43b9ef9c8a89851ca1a851819a8dd455904328750b64d298fa6934ee138935ea   Red Hat Enterprise Linux Server EUS (v. 6.4.z) SRPMS: openssl-1.0.0-27.el6_4.4.src.rpm     MD5: 61fca093d91d78f58d0167cdea1ff986SHA-256: 80db822460fd4090d9be49f478c695c7e632070046c5b15cb201efb65dfcc758   IA-32: openssl-1.0.0-27.el6_4.4.i686.rpm     MD5: 48ea4731c635100b122ea9fac93f9cddSHA-256: 0afb02b326a15ab3d23e47f84bf491af620bb41b8eba331def0acaa9a0115d04 openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm     MD5: e58cb39838a4f3bac020167c81f5ffe3SHA-256: 9c323a035e5ce39f2fe217a9d449dab395355829a6010ef0240a13b773a3cfc5 openssl-devel-1.0.0-27.el6_4.4.i686.rpm     MD5: 57e83d040b3c3f8a073b64731281d1f5SHA-256: e11d91d6a943ed9a72337d298948cda2fd0dcab118fd1f3e57010bb862a9ae77 openssl-perl-1.0.0-27.el6_4.4.i686.rpm     MD5: b860401730de7aae37df4d15b8066fa5SHA-256: 2a2c2c2f5497f80caecd741745543189b0a97ba5acd098f7860ed13b443516e3 openssl-static-1.0.0-27.el6_4.4.i686.rpm     MD5: 847750f988254a4f4431017c358f8e95SHA-256: e1a0d3b0cbab4f31aa5328ab6f5cbba5be4b9bafa50e8a730abd4b67639c9aa1   PPC: openssl-1.0.0-27.el6_4.4.ppc.rpm     MD5: 511a4d1836847c5217d5c068f84ee8f6SHA-256: 6f0d61676f507bb07bdbc79e49d0fb9dd4e016afa21b6c60b8c1ba5383fbebce openssl-1.0.0-27.el6_4.4.ppc64.rpm     MD5: c67558d24415b639e6e24f92b094480bSHA-256: 050d7882539b4dffd807651f8db00b88bd7f7df6e8beb93ace519b1d0aecab49 openssl-debuginfo-1.0.0-27.el6_4.4.ppc.rpm     MD5: f418dad753c5ec8da150945019108ad8SHA-256: c68b105eaec1a860276fabd56c8d229d417825197852276d72239e1f83228c84 openssl-debuginfo-1.0.0-27.el6_4.4.ppc64.rpm     MD5: 58f5e977011a9d9119269eedf6874654SHA-256: 9be44b70952644406fe09f8b2ab3f72784fd7103c7920d5e7f1dc55d2c3bb2ac openssl-devel-1.0.0-27.el6_4.4.ppc.rpm     MD5: b6e38ba90c19d362cf12bc1ed40fe313SHA-256: 8949230f7021c71627e5a27e7f1e28808ac3419b18c01dd135a170fa5fb42dd3 openssl-devel-1.0.0-27.el6_4.4.ppc64.rpm     MD5: a79e4cc4d558e63a954de60f6b3051e9SHA-256: 4684d4aaaddebd83692e3b7e639c3c52d2580b3d17f19d331d92f424edf86379 openssl-perl-1.0.0-27.el6_4.4.ppc64.rpm     MD5: ed147c4613395a08047f64e9dd5fbb9dSHA-256: 0741104f677f88f3dd73495043f3829bd5dccaa1b9161a69bf4c9da1a23874df openssl-static-1.0.0-27.el6_4.4.ppc64.rpm     MD5: e65975d908f0a32ec7ca1fdcacf5ad7bSHA-256: ba20aeb7140776381dcae23cbd92665b1d24dc4d3972dfdd47edabd15065ac39   s390x: openssl-1.0.0-27.el6_4.4.s390.rpm     MD5: 99516716bc36b7e0a5bdaf04bfe37825SHA-256: 26a5fa81dcbe47d5f9bf9e40c386c241c90b7d53eced85fe8be60b8566a127b7 openssl-1.0.0-27.el6_4.4.s390x.rpm     MD5: cc478f8f3123b72464937d06d831111aSHA-256: 9a67d4e40d494ff52cd1ac558584db82be1afa337ea5e2f2bb58a88fc5735948 openssl-debuginfo-1.0.0-27.el6_4.4.s390.rpm     MD5: c63835062ee5bcf6b329f9e219549867SHA-256: d4a0de3606e946ca1188da9334e4e91a0af4f743ddbdd629a74415cd0373bcc1 openssl-debuginfo-1.0.0-27.el6_4.4.s390x.rpm     MD5: 78bb725622f4afd5f6767e331b350897SHA-256: 77f4304a1d9a573ee4fe1307d178b308077be4bbcce9c820717a65885d4fb5b7 openssl-devel-1.0.0-27.el6_4.4.s390.rpm     MD5: e376d9dd273b32922afd59df84872b9dSHA-256: 6c3867833f913f326aa3479f60cad33962cdf33085c43125fd09ccdaa8fe72bf openssl-devel-1.0.0-27.el6_4.4.s390x.rpm     MD5: 238d5be5e5fded653c5d5d278fa21688SHA-256: d5355bca91edd9f2c7b8e3234867cd277976678afde3c7738911f12dbe4a9330 openssl-perl-1.0.0-27.el6_4.4.s390x.rpm     MD5: 8a9531dd5ccb2f845d78a660bd9f35efSHA-256: 3aeff6b150ebd09afdb92a38b79a2b165885cc91e905e973684b410b3680d901 openssl-static-1.0.0-27.el6_4.4.s390x.rpm     MD5: e9e94a1605db739373b6db1ff97cfeffSHA-256: 906ceb5d7070a711ef7842b6f827c7300f4405dc9483e3479071bb011e370b32   x86_64: openssl-1.0.0-27.el6_4.4.i686.rpm     MD5: 48ea4731c635100b122ea9fac93f9cddSHA-256: 0afb02b326a15ab3d23e47f84bf491af620bb41b8eba331def0acaa9a0115d04 openssl-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 9fff3a3394ca908eaf7ae2c0a67169caSHA-256: 59922f63f5e267dc259fab6316c7655de92dca5c5de5f1aeac672d3b13e12b82 openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm     MD5: e58cb39838a4f3bac020167c81f5ffe3SHA-256: 9c323a035e5ce39f2fe217a9d449dab395355829a6010ef0240a13b773a3cfc5 openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm     MD5: de1e31c6e27b7f3f6b64cd34c045f4daSHA-256: a03d9778ffd7c86ecb8c7691c1190eb1b1758f263116eed68f009a28afe7b9f5 openssl-devel-1.0.0-27.el6_4.4.i686.rpm     MD5: 57e83d040b3c3f8a073b64731281d1f5SHA-256: e11d91d6a943ed9a72337d298948cda2fd0dcab118fd1f3e57010bb862a9ae77 openssl-devel-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 47dc101ea2313a3836e694bfda2994daSHA-256: 3cb4aa653974a86503de6c40295b4a9fe5aac0fa9df981f90f6c23a468aa5471 openssl-perl-1.0.0-27.el6_4.4.x86_64.rpm     MD5: a4e0f857bd5847e596bbe15ab365d65cSHA-256: 1a52f4143e51d9017570cf6c105fc777a4479b433e23b31848465b00bec1bde4 openssl-static-1.0.0-27.el6_4.4.x86_64.rpm     MD5: 1b43fca45d70ff90cbd98992b8180399SHA-256: d3c40252e0c0d26ce689eb19f920d3c90a85fd138675f13d789c67db248b8462   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Adobe Patches 31 Vulnerabilities, Flash Zero-Day Under Attack

Adobe patched 31 vulnerabilities across nine different product lines Tuesday morning, including a zero-day vulnerability in Flash Player the company claims is being used in targeted attacks against Internet Explorer users on Windows. That vulnerability (CVE-2016-7892) is one of 16 bugs in Flash that could lead to code execution if exploited.

Currently, little is known about the exploit – it was anonymously reported – other than the fact that it’s a use-after-free vulnerability and that it’s being used in limited, targeted attacks against users running the 32-bit version of IE on Windows, according to a security bulletin issued by the Adobe Tuesday. Users running any affected versions (11.2.202.644 and 23.0.0.207 and prior) using Flash Player for Linux are encouraged to update to the new version ( 24.0.0.186) as soon as possible. Today’s Flash zero-day is one of four critical vulnerabilities fixed by Adobe this month.

The company also issued updates to address memory corruption vulnerabilities in Animate, a computer animation program it produces, DNG Converter, a free DNG conversion utility it distributes, and InDesign, its desktop publishing platform. While the company said it wasn’t aware that any of those vulnerabilities were being exploited in the wild, it is nevertheless encouraging users to update to the latest Animate version (16.0.0.112), the latest DNG Converter version (9.8) and the latest InDesign and InDesign server version (12.0.0) to mitigate risk.

Adobe claims all three vulnerabilities are critical but gives each one a priority of three, meaning the products aren’t historically targets for attackers. Adobe also shipped patches for a handful of vulnerabilities it considers ‘important’ on Tuesday.

Affected products include Experience Manager — part of its Marketing Cloud infrastructure, ColdFusion Builder, Digital Editions, and RoboHelp, a help authoring tool for Windows users. The vulnerabilities could be used in cross-site scripting attacks, cross-site request forgery attacks, as well as lead to information disclosure, memory address leaks and other outcomes, according to Adobe. The update, part of the company’s regularly scheduled Patch Tuesday bulletins, comes a month after it patched nine code execution vulnerabilities in Flash Player. Unlike this month’s patches, none of November’s fixes resolved a publicly exploited flaw. It’s the second time Adobe has patched a Flash zero-day under attack this fall.
In October, two weeks prior to November’s Patch Tuesday, the company was forced to release an emergency update to address a vulnerability uncovered by members of Google’s Threat Analysis Group that attackers were leveraging against Windows 7, 8.1 and 10 users.

JSA10616 – 2014-03 Security Bulletin: Junos Pulse Secure Access Service (SSL...

2014-03 Security Bulletin: Junos Pulse Secure Access Service (SSL VPN): Linux Network Connect client local user privilege escalation issue (CVE-2014-2292) Product Affected:This issue can affect all: SA700, SA2000, SA2500, SA4000, FIPS SA4000, SA4500, FIPS SA4500, SA6000, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, and MAG6611. The affected software releases includes IVE OS 7.1, 7.3, 7.4, and 8.0. Problem:A privilege escalation issue has been found and corrected in the Linux Network Connect client. This issue could allow a non-root user to escalate their access to root privileges on a Network Connect end-user client system.Juniper SIRT is not aware of any malicious exploitation of these vulnerabilities.No other Juniper Networks products or platforms are affected by this issue.This issue has been assigned CVE-2014-2292. Solution:The issue is fixed in SA/MAG (IVE OS) releases: 8.0r2, 7.4r8, 7.3r10, and 7.1r17, and all subsequent releases.KB16765 - "In which releases are vulnerabilities fixed?" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies. Workaround: There is no workaround for this issue. You must upgrade to a fixed version of the software for the fix. Implementation:  Related Links: CVSS Score:6.6 (AV:L/AC:M/Au:S/C:C/I:C/A:C) Risk Level:Medium Acknowledgements: Juniper Networks would like to thank two reporters for independently discovering this issue and bringing it to our attention: Jörg Scheinert from Verizon GCIS Vulnerability Management for the discovery and Thierry Zoller for analysis and coordination, and also Joep Vesseur.

VU#535111: McAfee VirusScan Enterprise for Windows scriptproxy COM object memory corruption...

McAfee VirusScan Enterprise for Windows scriptproxy COM object contains a memory corruption vulnerability.

Download iTunes 12.4.3 for Windows (64-bit – for older video...

Languages Download icon This iTunes installer is only for Windows 7 and later on 64 bit systems that are unable to support iTunes video playback requirements on older and low end video cards. Only use this installer if you were directed to this page by the below alert message from iTunes 12.2 or later.  Using this installer on an incorrect system may prevent your system from getting the correct iTunes installer in the future.” If you haven’t already, try using the recommended installer first.  http://www.apple.com/itunes/download/ If you were directed to this page by an alert from iTunes, follow these steps: Download the iTunes installer to your Windows desktop Locate the iTunes64Setup.exe and double click to run the installer Install as you normally would. Your iTunes library will not be affected. 

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products

Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code, create a denial of service (DoS) condition...

Threatpost News Wrap, December 16, 2016

Mike Mimoso and Chris Brook discuss the news of the week including Yahoo’s latest breach announcement, a DDoS-for-hire crackdown, hackers seeking help with Mirai, and some new Adobe patches. Show notes: Download: Threatpost_News_Wrap_December_16_2016.mp3Music by Chris Gonsalves

Pro Video Formats 2.0

This update includes support for the following professional video codecs: • Apple Intermediate Codec • Apple ProRes • AVC-Intra • DVCPRO HD • HDV • XDCAM EX / HD / HD422 • MPEG IMX • Uncompressed 4:2:2 This upda...

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016

On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as &...

Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation...

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software Malformed ICMP Packet Denial of Service Vulnerability Cisco IO...

Microsoft, Google to Block Flash by Default in Edge, Chrome

The acceleration of Flash’s ride off into the sunset hit top speed with Microsoft on Wednesday following up a similar announcement last week from Google that it would block Flash by default in the Edge browser. Google confirmed last Friday that it would be moving to HTML5 by default in Chrome in a measured rollout beginning this week with 1 percent of Chrome 55 users. Microsoft, meanwhile, described how in the next version of Edge, Flash will be blocked by default on sites that support HTML5. “In these cases, Flash will not even be loaded, improving performance, battery life, and security,” said Microsoft’s Crispan Cowan, a former Linux security expert and now longtime member of Microsoft’s security operation. “For sites that still depend on Flash, users will have the opportunity to decide whether they want Flash to load and run, and this preference can be remembered for subsequent visits.” Microsoft cautioned that it would regulate how quickly it moves to HTML5 by default across the board.

For example, Microsoft said the changes would not immediately impact most popular sites still reliant on Flash. “In the coming months, we will actively monitor Flash consumption in Microsoft Edge and will gradually shorten the list of automatic exceptions,” Cowan said. “At the end of this process, users will remain in control, and will be able to choose Flash for any site they visit.” This summer, Apple and Mozilla also said they would begin to reduce their support of Flash in Safari and Firefox respectively. While most of these changes are couched in language of features and performance, the shadow cast by constant reports of serious security vulnerabilities in Flash cannot be escaped. Just this week, the most recent Flash Player update from Adobe included a patch for a zero-day vulnerability under attack.

This year, there have also been emergency security updates for Flash in April, May, June and in October, proving that attackers still finding ways to exploit victims regardless of improvements to the code and swift patching by Adobe. In 2015, Adobe took new measures to secure the weak spots in Flash favored by attacks with mitigations added to the software to hold off memory-based attacks. Regardless, a report by security company Recorded Future released last week pointed out that six of the top 10 vulnerabilities used in exploit kits were Flash Player bugs; the report singled out a zero-day patched in October 2015 that found its way into seven different exploit kits. A little more than a year ago, Adobe began internal movement away from Flash and toward HTML5, and that it had renamed Flash Professional to Animate and said it would be Adobe’s preferred platform for HTML5 content development. “Our customers have clearly communicated that they would like our creative applications to evolve to support multiple standards and we are committed to doing that,” Adobe said in announcing the move. As expected, it’s the browser makers that will truly accelerate Flash’s deprecation.

Google, for example, said that HTML5 by default will be enabled for 50 percent of Chrome 56 beta users, and when Chrome 56 stable is rolled out in February, it will be enabled for all users. “Starting in January users will be prompted to run Flash on a site-by-site basis for sites that they have never visited before,” said Google’s Eric Deily in a post to the Chromium blog last week. “We want to avoid over-prompting users, so over time we’ll tighten this restriction using Site Engagement Index, a heuristic for how much a user interacts with a site based on their browsing activity.
In October all sites will require user permission to run Flash.”