On Tue, 2002-07-30 at 18:28, Jonathan Michaelson wrote:
> Here we go again:
> http://online.securityfocus.com/archive/1/285022/2002-07-27/2002-08-02/0
Gentlemen,
for those of you who are for some reason interested in binary RPMs, I
have prepared openssl-0.9.6b-24 for RaQ4 (and RaQ3?) here:
http://www.average.org/cobalt/
It is my understanding that this is a patched by RedHat version of
openssl, with the above mentioned vulnerability fixed. SRPM is dated
07/29/02 01:21:00 on RedHat site. I'll take no blame, please check
yourself if you are causious, or better yet, compile 0.9.6e from the
source.
Please note that installing these RPMs will *NOT* fix possible
vulnerabilities in OpenSSH and Apache, as they both are statically
linked against some other version(s) of openssl library.
Eugene
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
