[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] OpenSSL Advisory?
- Subject: Re: [cobalt-security] OpenSSL Advisory?
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Wed, 1 Oct 2003 19:24:12 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Eugene,
> As far as I understand, openssh only uses "crypto" part
> of the OpenSSL package, which probably makes it unaffected by the bugs
> in the "ssl" part.
Hmm ... as Greg pointed out SSH anything that exchanges keys might be
affected. Well, let's not take risks. I'm going to roll out a new OpenSSH
later this night. I'm already compiling the new OpenSSL-0.9.7c on my boxes so
that I can link against it.
--
With best regards,
Michael Stauber