Hi Laszlo, On Thu, January 26, 2012 10:56, [email protected] wrote: > Hi, > > http://www.debian.org/security/2012/dsa-2392 > > says: For the stable distribution (squeeze), this problem has been fixed > in version 0.9.8o-4squeeze7. > > But the binary version in http://packages.debian.org/squeeze/openssl is > 0.9.8o-4squeeze5 and it was issued for the previous bug.
0.9.8o-4squeeze7 is the correct package version to fix those problems, and the security archive contains those packages. If you update through APT you will get the corrected packages. It seems like the web page you mention has not updated (yet). I'm CC'ing debian-www, who maintain that infrastructure, so they can investigate. Kind regards, Thijs Kinkhorst Debian Security Team -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
