--------------------------------------------------------------------------
  Turbolinux Security Advisory TLSA-2002-60
  http://www/turbolinux.co.jp/security/
                                            security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Openssl

In OpencSsl/Apache worm " Slapper " is being attached

   Release date : 2002-08-29

   Solution: package : openssl-0.9.6g-2 openssh-3.4p1-10

   Problem
    OpencSsl/Apache worm " Slapper " has thrived violence, but
    Presently (2002/09/18) as for the worm which exists, you are infected to the openssl of Turbolinux offer,
    Or we do not receive report that you were infected.
    But because there is a possibility the worm which is altered appearing, please apply the up-to-date openssl.

    Related composition

    [ JPCERT/CC ]
    * Using the vulnerability of the OpencSsl, is spread the Apache/mod_ssl worm which
    Http: //www.jpcert.or.jp/at/2002/at020006.txt

    [ CERT ]
    * Apache/mod_ssl Worm
    Http: //www.cert.org/advisories/CA-2002-27.html


   Solution:
    [ OpencSsl 0.9.6e bug fix ]
http://www.turbolinux.co.jp/security/openssl-0.9.6g-2.html

Package updates: http://www.turbolinux.co.jp/update/