On Fri, Sep 28, 2007 at 03:59:46PM -0400, Noah Meyerhans wrote: > On Fri, Sep 28, 2007 at 09:53:34PM +0200, Kurt Roeckx wrote: > > > > I've also prepared an upload for stable-security at > > people.debian.org/~kroeckx/openssl > > Thanks. Is there any chance of fixing this for oldstable?
The security team wasn't interested in doing updates for oldstable-security before. I think the version of the openssl source package in oldstable still has 4 or 5 security bugs. The openssl096 has either the same or even more. I can prepare a packages fixing all of them if you want. There is still CVE-2007-3108 / #438142 that's present in oldstable and stable. This is probably something nobody cares about. I'll still do one for openssl097 in stable. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]