Package: openvpn
Version: 2.1~rc7-1
Severity: important

As you have probably noticed DSA-1571-1[0] requires that openssl be
updated. Currently openvpn depends on libssl0.9.8 (>= 0.9.8f-5), but the
vulnerable library has been fixed in version 0.9.8g-9.

Please consider increasing this dependency as soon as possible.

Thanks,
Micah

0. http://lists.debian.org/debian-security-announce/2008/msg00152.html

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openvpn depends on:
ii  debconf [debconf-2.0]         1.5.21     Debian configuration management sy
ii  libc6                         2.7-10     GNU C Library: Shared libraries
ii  liblzo2-2                     2.03-1     data compression library
ii  libpam0g                      0.99.7.1-6 Pluggable Authentication Modules l
ii  libssl0.9.8                   0.9.8g-10  SSL shared libraries

openvpn recommends no packages.

-- debconf information:
  openvpn/change_init: false
  openvpn/stop2upgrade: false
  openvpn/default_port:
  openvpn/change_init2: false
  openvpn/create_tun: false



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to