On Tue, Feb 26, 2008 at 05:02:27PM -0600, Blasdel, Jerry wrote:
> Viktor,
>
> http://www.securityfocus.com/bid/25831/info has 0.9.7m as being
> vulnerable.
>
> I'm not sure how one can try to get them to correct it on their list.
>
Sorry, my mistake, not theirs, the fix for this issue has no
esday, February 26, 2008 03:10 PM
To: openssl-users@openssl.org
Subject: Re: 0.9.8 version that is fips compliant?
On Tue, Feb 26, 2008 at 03:06:17PM -0600, Blasdel, Jerry wrote:
> All,
>
> Is OpenSSL version 0.9.7m vulnerable to this security notice
> http://www.openssl.org/news/se
On Tue, Feb 26, 2008 at 03:06:17PM -0600, Blasdel, Jerry wrote:
> All,
>
> Is OpenSSL version 0.9.7m vulnerable to this security notice
> http://www.openssl.org/news/secadv_20071012.txt?
>
> Reading through the notice it sounds like they recommend upgrading to
> 0.9.8g but that only those versio
users@openssl.org
Subject: Re: 0.9.8 version that is fips compliant?
Blasdel, Jerry wrote:
> All,
>
> Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve
> thought there would be one available possibly around February/March
> timeframe of this year.
Alas, that schedule has
Blasdel, Jerry wrote:
All,
Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve
thought there would be one available possibly around February/March
timeframe of this year.
Alas, that schedule has slipped. We lost a month plus due to the
unexpected ordeal of getting the vulner
All,
Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve
thought there would be one available possibly around February/March
timeframe of this year.
After looking closer, it appears that 0.9.7m does not have the following
vulnerability http://www.openssl.org/news/secadv_20071012.tx