[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Applying new OpenSSL patch to mod_ssl for Raq4

Subject: [cobalt-security] Applying new OpenSSL patch to mod_ssl for Raq4
From: "Ian" <cobalt@xxxxxxxxxxxxx>
Date: Fri, 28 Mar 2003 12:51:43 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

Due to the new vulnerability in openssl (see below), I decided to 
recompile mod_ssl for apache.

http://www.openssl.org/news/secadv_20030317.txt


During the process I copied everything down and have placed 
instructions here (html):

http://www.fishnet.co.uk/support/cobalt/mod_ssl/index.html

or as a text file:

http://www.fishnet.co.uk/support/cobalt/mod_ssl/config_mod_ssl.txt


These instructions are for a Raq4 with Apache 1.3.20.  (Based on 
instructions from Gerald Waugh.)


I do not know if it is possible to expolit the vulnerability or 
whether one exists, but better safe than sorry !

The fact that openssl have not released a new version probably says 
it all.


DISCLAIMER: I have provided these instructions for information only.  
If this breaks your mod_ssl this is in no way my fault.  Just 
reinstall the backup.  It worked for me.


Regards

Ian Gibbons
--

Prev by Date: [cobalt-security] more qube 2 security info plse!!!
Next by Date: [cobalt-security] ftp problem
Previous by thread: [cobalt-security] more qube 2 security info plse!!!
Next by thread: [cobalt-security] ftp problem

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index