[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] new openssl vulnerabilities

Subject: Re: [cobalt-security] new openssl vulnerabilities
From: Eugene Crosser <crosser@xxxxxxxxxxx>
Date: 30 Jul 2002 22:09:55 +0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Tue, 2002-07-30 at 18:28, Jonathan Michaelson wrote:
> Here we go again:
> http://online.securityfocus.com/archive/1/285022/2002-07-27/2002-08-02/0

Gentlemen,

for those of you who are for some reason interested in binary RPMs, I
have prepared openssl-0.9.6b-24 for RaQ4 (and RaQ3?) here:

	http://www.average.org/cobalt/

It is my understanding that this is a patched by RedHat version of
openssl, with the above mentioned vulnerability fixed.  SRPM is dated
07/29/02  01:21:00 on RedHat site.  I'll take no blame, please check
yourself if you are causious, or better yet, compile 0.9.6e from the
source.

Please note that installing these RPMs will *NOT* fix possible
vulnerabilities in OpenSSH and Apache, as they both are statically
linked against some other version(s) of openssl library.

Eugene

References:
- [cobalt-security] new openssl vulnerabilities
  - From: Jonathan Michaelson

Prev by Date: Re: [cobalt-security] OPENSSL vulnerability
Next by Date: Re: [cobalt-security] new openssl vulnerabilities
Previous by thread: Re: [cobalt-security] new openssl vulnerabilities
Next by thread: Re: [cobalt-security] new openssl vulnerabilities

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index