On 08/04/14 18:32, Kurt Roeckx wrote:
jessie is still vulnerable at 1.0.1f-1.
jessie has 1.0.1g-1 already, which should fix it.
Thank you, it just took a little longer for the package to hit my mirror.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
On Tue, Apr 08, 2014 at 03:37:45PM +0200, Gregor Riepl wrote:
found 743883 1.0.1e-2
fixed 743883 + 1.0.1-g
fixed 743883 + 1.0.1e-2+deb7u5
jessie is still vulnerable at 1.0.1f-1.
jessie has 1.0.1g-1 already, which should fix it.
Kurt
--
To UNSUBSCRIBE, email to
When will jessie be updated?
The website still has 1.0.1f-1 and the Debian Changelog shows Not
found page.
https://packages.debian.org/jessie/openssl
http://metadata.ftp-master.debian.org/changelogs//main/o/openssl/openssl_1.0.1f-1_changelog
apt-get also gives 1.0.1f-1
Please fix.
--
To
On Tue, Apr 08, 2014 at 02:18:53PM -0400, gmitpro wrote:
When will jessie be updated?
The website still has 1.0.1f-1 and the Debian Changelog shows Not found
page.
https://packages.debian.org/jessie/openssl
On Tue, Apr 08, 2014 at 08:43:11PM +0200, Kurt Roeckx wrote:
On Tue, Apr 08, 2014 at 02:18:53PM -0400, gmitpro wrote:
When will jessie be updated?
The website still has 1.0.1f-1 and the Debian Changelog shows Not found
page.
https://packages.debian.org/jessie/openssl
Warning, openssl=1.0.1e-2+deb7u6 depends on libssl1.0.0= 1.0.1, so,
updating openssl without updating the whole world does not update
libssl.
It would be an excellent idea if openssl=1.0.1e-2+deb7u6 depends on
libssl1.0.0=1.0.1e-2+deb7u6 if someone wants install this security fix
without
Package: openssl
Version: 1.0.1f-1
Severity: grave
A serious flaw has been discovered in OpenSSL versions 1.0.1 through
1.0.1f. This bug can allow an attacker to read process memory on
vulnerable systems leading to exposure of the private key. Please
see:
found 743883 1.0.1e-2
fixed 743883 + 1.0.1-g
fixed 743883 + 1.0.1e-2+deb7u5
close 743883
thanks
On Mon, Apr 07, 2014 at 09:11:09PM +, Travis Cross wrote:
Package: openssl
Version: 1.0.1f-1
Severity: grave
A serious flaw has been discovered in OpenSSL versions 1.0.1 through
1.0.1f.
8 matches
Mail list logo