[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] new openssl vulnerabilities
- Subject: Re: [cobalt-security] new openssl vulnerabilities
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
- Date: 30 Jul 2002 22:09:55 +0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tue, 2002-07-30 at 18:28, Jonathan Michaelson wrote:
> Here we go again:
> http://online.securityfocus.com/archive/1/285022/2002-07-27/2002-08-02/0
Gentlemen,
for those of you who are for some reason interested in binary RPMs, I
have prepared openssl-0.9.6b-24 for RaQ4 (and RaQ3?) here:
http://www.average.org/cobalt/
It is my understanding that this is a patched by RedHat version of
openssl, with the above mentioned vulnerability fixed. SRPM is dated
07/29/02 01:21:00 on RedHat site. I'll take no blame, please check
yourself if you are causious, or better yet, compile 0.9.6e from the
source.
Please note that installing these RPMs will *NOT* fix possible
vulnerabilities in OpenSSH and Apache, as they both are statically
linked against some other version(s) of openssl library.
Eugene