On Tue, 5 Sep 2006, Ed wrote:
hey Ed,
>Darren,
>
>Thanks for your reply. Are you sure about the openssl though? I don't
>pretend to be an expert on openssl, but the following page indicates there
>are vulnerabilities in openssl 0.9.7d dating back to 30th September 2004:
all are fixed in the latest S10 update and all of them are being
fixed as soon as they come up. For example, can-2005-2969 security notice
was released in Oct 11, 2005. And I can see that there was a patch for
Solaris 10 in Nov/28/2005:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-121230-01-1
and since you talked about RedHat, I just tried to find it, too:
http://rhn.redhat.com/errata/RHSA-2005-882.html
I hope that I'm not mistaken but it seems to me that they released
their advisory/patches in 2005-12-19.
Jan.
--
Jan Pechanec
_______________________________________________
opensolaris-discuss mailing list
[email protected]
