Updated: July 29, 2002
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2001
Affected
Conectiva's for CL 7.0 are at: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000418&idioma=en That page also contains links to updates for our older distros.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2001
Affected
See
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: July 29, 2002
Affected
All users should upgrade to the most recent version, as outlined in
this advisory. Guardian Digital recently made available the Guardian Digital Secure
Update, a means to proactively keep systems secure and manage
system software. EnGarde users can automatically update their system
using the Guardian Digital WebTool secure interface. If choosing to manually upgrade this package, updates can be
obtained from: ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
http://ftp.engardelinux.org/pub/engarde/stable/updates/ Before upgrading the package, the machine must either: a) be booted into a "standard" kernel; or
b) have LIDS disabled. To disable LIDS, execute the command: # /sbin/lidsadm -S -- -LIDS_GLOBAL To install the updated package, execute the command: # rpm -Uvh
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: July 29, 2002
Not Affected
HP does not ship/support OpenSSL.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2001
Not Affected
Regarding VU#131923, IBM's AIX operating system is not vulnerable, as IBM does not include OpenSSL.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2001
Affected
NetBSD released the security advisory: NetBSD Security Advisory 2001-013 OpenSSL PRNG weakness (up to 0.9.6a) on August 23 detailing our solution this issue. It may be found at: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-013.txt.asc In summary, we shipped some software which was vulnerable, but we have published a solution to the problem, and our latest shipping release (NetBSD 1.5.2) is not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2001
Affected
See http://www.openssl.org/news/secadv_prng.txt
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 19, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.