Jamie, you are definitely right. I would like to clarify it now. To fix latest reported vulnerabilities it should be fine to update to 0.9.8n or backport patches. I'll be happy with that, because this is enough for use with Apache httpd 2.2.15 (or again backported patches) But there is also good oportunity to switch directly to 1.0.0. in Lucid to take a lot of enhancements which indirectly improves security.
-- CVE-2009-3555 OpenSSL need to be updated to close TLS MITM attack https://bugs.launchpad.net/bugs/484417 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
