Gentoo 2510 Published by

The OpenSSL update is now available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200403-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Multiple OpenSSL Vulnerabilities
Date: March 17, 2004
Bugs: #44941
ID: 200403-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Three vulnerabilities have been found in OpenSSL via a commercial test suite for the TLS protocol developed by Codenomicon Ltd.



Background
=========

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

Affected packages
================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
dev-libs/openssl = 0.9.7d
dev-libs/openssl