Hi Michael, thanks again for your time, this seems to have done the trick.
Marcus >From: Michael Stauber <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Re: [cobalt-security] solarspeed openssl package >Date: Tue, 1 Oct 2002 22:50:03 +0200 > >Hi Marcus, > > > for those that installed the solarspeed security update 'RaQ4: > > Mod_SSL-2.8.4/OpenSSL-0.96g' on our raq's, what is the best course of > > action. > >Well, it is as follows: > >RaQ4-All-Security-2.0.1-2-15787.pkg fixes the /usr/lib/authenticate issues >and >a .htacess related problem, but NOT the mod_ssl/2.8.4 OpenSSL/0.9.6b >Slapper >vulnerability. Why Sun Cobalt didn't take the chance to fix two problems in >one patch is beyond my knowledge. Instead they'll most likely bother us >with >another Apache-PKG in two months time. :o( > >So the recommended course of actions would be this: > >1) Uninstall the Solarspeed PKG by running the uninstaller located at >/var/lib/cobalt/uninstallers/mod_ssl-2.8.4.uninst > >2) Then apply RaQ4-All-Security-2.0.1-2-15787.pkg > >3) Re-apply the Solarspeed's RaQ4: Mod_SSL-2.8.4/OpenSSL-0.96g PKG > > >-- > >With best regards, > >Michael Stauber >[EMAIL PROTECTED] >Unix/Linux Support Engineer > >_______________________________________________ >cobalt-security mailing list >[EMAIL PROTECTED] >http://list.cobalt.com/mailman/listinfo/cobalt-security _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
