安全研究
安全漏洞
OpenSSL不安全的协议协商漏洞
发布日期:2005-10-20
更新日期:2005-11-14
受影响系统:
FreeBSD FreeBSD 6.0不受影响系统:
FreeBSD FreeBSD 5.4
FreeBSD FreeBSD 5.3
FreeBSD FreeBSD 4.11
FreeBSD FreeBSD 4.10
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
MandrakeSoft Linux Mandrake 2006.0 x86_64
MandrakeSoft Linux Mandrake 2006.0
MandrakeSoft Linux Mandrake 10.2 x86_64
MandrakeSoft Linux Mandrake 10.2
MandrakeSoft Linux Mandrake 10.1 x86_64
MandrakeSoft Linux Mandrake 10.1
OpenSSL Project OpenSSL < 0.9.8a
OpenSSL Project OpenSSL < 0.9.7h
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 9.3 x86_64
S.u.S.E. Linux 9.3 x86_64
S.u.S.E. Linux 9.3
S.u.S.E. Linux 9.3
S.u.S.E. Linux 9.2 x86_64
S.u.S.E. Linux 9.2 x86_64
S.u.S.E. Linux 9.2
S.u.S.E. Linux 9.2
S.u.S.E. Linux 9.1 x86_64
S.u.S.E. Linux 9.1 x86_64
S.u.S.E. Linux 9.1
S.u.S.E. Linux 9.1
S.u.S.E. Linux 9.0 x86_64
S.u.S.E. Linux 9.0 x86_64
S.u.S.E. Linux 9.0
S.u.S.E. Linux 9.0
S.u.S.E. Linux 10.0 OSS
S.u.S.E. Linux 10.0 OSS
S.u.S.E. Linux 10.0
S.u.S.E. Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux 8.0
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Sun Solaris 10_x86
Sun Solaris 10.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop 4
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
MandrakeSoft Multi Network Firewall 2.0
RedHat Fedora Core 4
RedHat Fedora Core 3
RedHat Desktop 3.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. UnitedLinux 1.0
RedHat Advanced Workstation 2.1 IA64
RedHat Advanced Workstation 2.1
Ubuntu Linux 5.10 powerpc
Ubuntu Linux 5.10 i386
Ubuntu Linux 5.10 amd64
Ubuntu Linux 5.0 4 powerpc
Ubuntu Linux 5.0 4 i386
Ubuntu Linux 5.0 4 amd64
Ubuntu Linux 4.1 ppc
Ubuntu Linux 4.1 ia64
Ubuntu Linux 4.1 ia32
S.u.S.E. Novell Linux Desktop 9.0
OpenSSL Project OpenSSL 0.9.8a描述:
OpenSSL Project OpenSSL 0.9.7h
BUGTRAQ ID: 15071
CVE(CAN) ID: CVE-2005-2969
OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。
为了能与Microsoft Internet Explorer 3.02完全兼容,可以在OpenSSL中使用SL_OP_MSIE_SSLV2_RSA_PADDING选项禁用安全套接字层协议所需的验证步骤。常用的SSL_OP_ALL选项中包含有上述选项。
如果使用OpenSSL的应用服务器启用了SSL_OP_MSIE_SSLV2_RSA_PADDING选项的话,能够拦截并篡改客户端与服务器之间传输报文的攻击者就可以导致让协议版本协商使用SSLv2,即使客户端和服务端都支持SSLv3。由于SSLv2协议中的一些弱点,这可能允许攻击者读取或篡改正在发送的加密数据。
<*来源:Yutaka Oiwa
链接:http://www.openssl.org/news/secadv_20051011.txt
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-101974-1
http://security.gentoo.org/glsa/glsa-200510-11.xml
http://lwn.net/Alerts/138208/?format=printable
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:21.openssl.asc
http://lwn.net/Alerts/155326/?format=printable
http://www.debian.org/security/2005/dsa-875
http://www.debian.org/security/2005/dsa-888
*>
建议:
临时解决方法:
* 在基于OpenSSL的应用程序中禁用SSL 2.0。
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-875-1)以及相应补丁:
DSA-875-1:New OpenSSL packages fix cryptographic weakness
链接:http://www.debian.org/security/2005/dsa-875
Debian已经为此发布了一个安全公告(DSA-888-1)以及相应补丁:
DSA-888-1:New OpenSSL packages fix cryptographic weakness
链接:http://www.debian.org/security/2005/dsa-888
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8.dsc
Size/MD5 checksum: 632 0f3990f71f6773a516a413c393fc6604
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8.diff.gz
Size/MD5 checksum: 45527 30aa51e1f88c95e086f7918a47fe8f5c
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c.orig.tar.gz
Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc
Architecture independent components:
http://security.debian.org/pool/updates/main/o/openssl/ssleay_0.9.6c-2.woody.8_all.deb
Size/MD5 checksum: 982 71fd036f7135cd3e68c4cf33ed7e2976
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_alpha.deb
Size/MD5 checksum: 1551638 2f5d722aa4b7c7bd6c9908a3998b6420
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_alpha.deb
Size/MD5 checksum: 571552 5e94a096f7569a2e18f82a697908d230
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_alpha.deb
Size/MD5 checksum: 736780 2f964e236883e2c8ed7ad2d28ed2bc6b
ARM architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_arm.deb
Size/MD5 checksum: 1358314 c2f4acf9994dd42ae0373c34163b6a96
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_arm.deb
Size/MD5 checksum: 474348 bc3950a119bd05ab4602fc1aae42f6c0
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_arm.deb
Size/MD5 checksum: 730164 c5cc5638fb9ca1583cc23602b61a6dc7
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_i386.deb
Size/MD5 checksum: 1289480 0d32fea022a7896b321d673a9138c90f
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_i386.deb
Size/MD5 checksum: 461972 970aa086b6758741b4cbbf32e94572a1
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_i386.deb
Size/MD5 checksum: 717322 88a3bcb5d1b4330fb25c95b5c7f95bd3
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_ia64.deb
Size/MD5 checksum: 1615580 e66ad48cf480c87a965cad2dadde3074
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_ia64.deb
Size/MD5 checksum: 711412 a7ff065df8383c36ee0e265d889df450
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_ia64.deb
Size/MD5 checksum: 763808 a62f8d33db6e9bc3e770dfd3f23fe70f
HP Precision architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_hppa.deb
Size/MD5 checksum: 1435394 5d5be2d74a8035fdee039237f93ad267
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_hppa.deb
Size/MD5 checksum: 565228 aa3bfa3d333195f59b637d434cc0e4d7
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_hppa.deb
Size/MD5 checksum: 742192 51644d86e15c7bac4d005e57881c6627
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_m68k.deb
Size/MD5 checksum: 1266800 9973441879b98558d95904e0f2798f7c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_m68k.deb
Size/MD5 checksum: 450948 7f7199530678b922e3b9499a9e3c9107
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_m68k.deb
Size/MD5 checksum: 720758 87053610447971c8923160df9ae48304
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_mips.deb
Size/MD5 checksum: 1415426 5a9625c92cdf9f54f532806278cf7b71
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_mips.deb
Size/MD5 checksum: 483940 4c322f1697e1cd5c701b8870417d5604
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_mips.deb
Size/MD5 checksum: 717966 8ce534b83ec7fc69878fbb032562db7f
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_mipsel.deb
Size/MD5 checksum: 1409820 335f3bfc4afadc7099dd81ca655f43ab
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_mipsel.deb
Size/MD5 checksum: 476994 4e51fa71c3feb9871eae6d3620d97a88
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_mipsel.deb
Size/MD5 checksum: 717282 74f673dc3d93ab31316c266647e236f8
PowerPC architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_powerpc.deb
Size/MD5 checksum: 1387860 8c150c04059434d276d9be72e60a33d5
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_powerpc.deb
Size/MD5 checksum: 502762 bc0b6913643d3a49410b2e8b991a2612
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_powerpc.deb
Size/MD5 checksum: 727200 942fccc855f790681ff55792595a0e9e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_s390.deb
Size/MD5 checksum: 1326764 f0e3604fd60501387dd64d147ed2b399
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_s390.deb
Size/MD5 checksum: 510774 4720d8b0c5b4a4989941af6af448f1c8
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_s390.deb
Size/MD5 checksum: 731906 e087d1292d906a027bd18f8ba64bcaa7
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.8_sparc.deb
Size/MD5 checksum: 1344478 462215d04cdc46df9d3c30ca9809ad0c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.8_sparc.deb
Size/MD5 checksum: 485082 d5bf47809f860074a30d1925ec260471
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.8_sparc.deb
Size/MD5 checksum: 737538 bd16a927946e42e9388c10c6caab2471
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1.dsc
Size/MD5 checksum: 639 1d4fe852d85c23ee4befe3b69ad11f42
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1.diff.gz
Size/MD5 checksum: 27134 40b781ed5e9b5da015d3d17621378c75
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz
Size/MD5 checksum: 3043231 a8777164bca38d84e5eb2b1535223474
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_alpha.deb
Size/MD5 checksum: 3339042 08256d8f24f46888c8d851e7a7717d03
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_alpha.deb
Size/MD5 checksum: 2445184 1c9cfeaa0af4cfe1e412342afb315028
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_alpha.deb
Size/MD5 checksum: 929866 89c795ae3258886e24dc3c05b0317c0d
AMD64 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_amd64.deb
Size/MD5 checksum: 2693256 1c9d25d3ca61d64cc55cefbd53543984
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_amd64.deb
Size/MD5 checksum: 769270 444bbc7046101472d4a0d918e258c15c
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_amd64.deb
Size/MD5 checksum: 903332 901d18551ad23f7c95489589aecc9394
ARM architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_arm.deb
Size/MD5 checksum: 2554838 9da71c016a4c19c4766022b75b6c9b1c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_arm.deb
Size/MD5 checksum: 689386 9d607bbe307f6b050865cdccee0e8b2b
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_arm.deb
Size/MD5 checksum: 893800 fb067120630f9638363b8ee7fd133110
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_i386.deb
Size/MD5 checksum: 2551894 c9a047ff0bb105d5dbf150370746044a
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_i386.deb
Size/MD5 checksum: 2262314 ecd5cfaa6085cdd73f15ffff1e2780a9
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_i386.deb
Size/MD5 checksum: 902214 eb49dbdd0b9bc19342000833eafc422a
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_ia64.deb
Size/MD5 checksum: 3394806 d165b3284eab212f0a90c3d7aa9d274c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_ia64.deb
Size/MD5 checksum: 1037634 6901a41b294cc7446a5d8b36037fb09c
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_ia64.deb
Size/MD5 checksum: 974704 3bd5964f5a7543e3ed589584362ab5b5
HP Precision architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_hppa.deb
Size/MD5 checksum: 2695182 889bafc3edbc895e4abeb548e16a2218
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_hppa.deb
Size/MD5 checksum: 790356 cda81a66041c3948d0b04a811fd5e78f
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_hppa.deb
Size/MD5 checksum: 914154 e06f637b72ad3ef60f9bd1dcafd28b1f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_m68k.deb
Size/MD5 checksum: 2316264 22c140d007c3ae174925621468a39cb1
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_m68k.deb
Size/MD5 checksum: 661018 7f67414f0791fc985541378bb55dc7bb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_m68k.deb
Size/MD5 checksum: 889428 22cb29e59ffcbae25cea4db0d27115ad
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_mips.deb
Size/MD5 checksum: 2778266 f467fff7ed6cbefbc672dd7751473596
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_mips.deb
Size/MD5 checksum: 705794 9a63ff8605fd3f2759e78a9a8081d478
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_mips.deb
Size/MD5 checksum: 896400 f1e1f16d6b5857a4bce14ca8bd5bc736
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_mipsel.deb
Size/MD5 checksum: 2765942 34c72af7ae700c9583a11c3044f942d4
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_mipsel.deb
Size/MD5 checksum: 693754 0052d22ab3dafb44b5fbd7978d83a814
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_mipsel.deb
Size/MD5 checksum: 895542 0901349aab6ab6231b530475b4669ea6
PowerPC architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_powerpc.deb
Size/MD5 checksum: 2775598 1f2e461d360e3cc8e33d5cd866f9e1d0
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_powerpc.deb
Size/MD5 checksum: 778892 ddd9238eafb70e31b4fb991909a5bdb8
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_powerpc.deb
Size/MD5 checksum: 908056 5f601e19f91dcdc08541277a42592d5a
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_s390.deb
Size/MD5 checksum: 2716890 7aa32958f3d1631ac8774ce26ed718f0
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_s390.deb
Size/MD5 checksum: 813422 bc2cffe3bcac2ac971d3cbaf7f3e02ea
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_s390.deb
Size/MD5 checksum: 918200 a2d0be567be281c9e6af34fd49c89ec8
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge1_sparc.deb
Size/MD5 checksum: 2629110 35c2e695c12fd379bfa100347f0641b2
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge1_sparc.deb
Size/MD5 checksum: 1883990 b432d0bfa5408215a68fc3260e5c3f4a
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge1_sparc.deb
Size/MD5 checksum: 924138 203d2f9a8068fb193a72d610df41f045
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
FreeBSD
-------
FreeBSD已经为此发布了一个安全公告(FreeBSD-SA-05:21)以及相应补丁:
FreeBSD-SA-05:21:Potential SSL 2.0 rollback
链接:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:21.openssl.asc
补丁下载:
* FreeBSD Patch openssl.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:21/openssl.patch
OpenSSL Project
---------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
* OpenSSL Project Upgrade openssl-0.9.7h.tar.gz
http://www.openssl.org/source/openssl-0.9.7h.tar.gz
* OpenSSL Project Upgrade openssl-0.9.8a.tar.gz
http://www.openssl.org/source/openssl-0.9.8a.tar.gz
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2005:476-01)以及相应补丁:
RHSA-2005:476-01:Moderate: openssl security update
链接:http://lwn.net/Alerts/138208/?format=printable
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-101974)以及相应补丁:
Sun-Alert-101974:OpenSSL (see openssl(5)) May Allow an Agent to Force a Rollback to a Cryptographically Weak Protocol Version
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-101974-1
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200510-11)以及相应补丁:
GLSA-200510-11:OpenSSL: SSL 2.0 protocol rollback
链接:http://security.gentoo.org/glsa/glsa-200510-11.xml
所有OpenSSL用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose dev-libs/openssl
浏览次数:11783
严重程度:0(网友投票)
绿盟科技给您安全的保障