scar <[email protected]> wrote: > after updating openssl on my system for the 2015-006 security advisory, > the version is 1.0.2a. now i am getting insecurity emails for that > version but i can't update it...
That's because that version is also flagged as having * an OPEN multiple-vulnerabilities vulnerability" according to ftp://ftp.NetBSD.org/pub/pkgsrc/current/pkgsrc/security/openssl/README.html I don't think it's an error; just hasn't been patched yet. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This email has a PGP signature attached; verify using PGP public key at http://jgw.sdf.org/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUx97aAAoJELZg2zktVKWMNZUP/ispNTlNSjx0QoKChol0sZSF 55ZvdtINHvA5DL0M78kXVkFqzWDdnAjE857iK8fXbj5Az6tx05DY+iovf6qUyLKF X/5Jm82B8xAlSu8AlM37su8TzAgh51rw0UPJ1qhfaiamjognk6Yc0fFCnsWlaElp 1toKk++UghXfcWkY4hs3t6S//Nzf1WTg3mwKHVfmMJy2I2doXjI1Ok2ogB11gQX9 7HqJVpHcRzdel3iAUgmzruexQzBXpuBdylAjLfGiF7bVgP3bK4teck/D46BP09qJ XBPKgNwbHtCRqArfRjMb92EhzgZjUftadJwDmPFlE7N1nn2tBP2pmwb8lhq18CsS 2uyflSrVMwFuRYYCXcfPTYl+mUTg0kA9MAp/gNVOAc+9B7TfjWN1HkCBnOuBFtI2 7nH7xJ3eEeOaoTRZPXo0WSWcAtWDXXbdZXW8cgVUIxggQLVA22CTKMRUTGfeJwcS KAbzyZu/z2/V04Ygnu2hzgAGulw4qvv0cREiOVHVdpgaq8hEH2/U/yKqaXTf5NCp P+9NKQDGgnt2cWNibUAzF563uvnOL3OnnjeT6/PLsfzJkpOFPi/H/UHc8a6Hjc8F l2S9u+5Lu4DFfXjewTRT8NLmeal3kppHBwHIeGVavWlmLET0bvSj486qimXVv2SN fwEG5kbnu8pX89ZowR8U =KFMw -----END PGP SIGNATURE-----
