Hi David, > So if my SSH is now patched with OpenSSH Release 3.4p1-3 > How is my OpenSSL doing?
You then still have a vulnerable OpenSSL installed. But even upgrading that would not entirely get rid of the entire problem as a few applications have been compiled statically against the old OpenSSL. Apache for Instance as you can see from a RaQ4's Apache ident string: Apache/1.3.20 Sun Cobalt (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.0.6 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25 So we'll even need a new Apache ... again. -- With best regards, Michael Stauber [EMAIL PROTECTED] Unix/Linux Support Engineer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
