In message <00ef01c2388a$0ecaa8c0$390110ac@kovaiteam> on Wed, 31 Jul 2002 17:29:32
+0530, "kumar" <[EMAIL PROTECTED]> said:
kumaresh_ind> Hello all,
kumaresh_ind> I am using OpenSSH with OpenSSL(0.9.6d)
kumaresh_ind> What is the impact of this OpenSSL vulnerability in openssh?
kumaresh_ind> Anyone have answers.Please share.
As long as OpenSSH doesn't touch anything related to SSL or ASN.1, you
should be safe. OpenSSH doesn't talk SSL, and as far as I know, it
doesn't handle certificates yet (that's where ASN.1 would come in).
If OpenSH handles certificates, it should be possible to disable that
until you have made appropriate upgrades.
My 2 cents...
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
