Bug#136801: [ben@algroup.co.uk: Apache-SSL 1.3.22+1.47 - update to security fix]

To: 136801@bugs.debian.org
Subject: Bug#136801: [ben@algroup.co.uk: Apache-SSL 1.3.22+1.47 - update to security fix]
From: Matt Zimmerman <mdz@debian.org>
Date: Tue, 5 Mar 2002 15:31:37 -0500
Message-id: <20020305203137.GC17062@alcor.net>
Reply-to: Matt Zimmerman <mdz@debian.org>, 136801@bugs.debian.org

----- Forwarded message from Ben Laurie <ben@algroup.co.uk> -----

Date: Mon, 04 Mar 2002 14:47:51 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: Apache SSL <apache-ssl@lists.aldigital.co.uk>,
	Apache SSL Announce <apache-sslannounce@lists.aldigital.co.uk>,
	Bugtraq <BUGTRAQ@SECURITYFOCUS.COM>,
	CERT Coordination Center <cert@cert.org>
Subject: Apache-SSL 1.3.22+1.47 - update to security fix

On Friday 1st March 2002 I released a security alert for Apache-SSL,
announcing a fix to a buffer overflow. Unfortunately, because the fix
had to be released in haste (since I had not been alerted before public
disclosure), the fix had a bug.

Fortunately, the bug did not leave Apache-SSL vulnerable, but it did
prevent correct operation.

I have, therefore, released an updated version of Apache-SSL today,
1.3.22+1.47, which is available from all the usual places.

Users of versions prior to this should upgrade immediately.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

----- End forwarded message -----

-- 
 - mdz

Reply to:

Prev by Date: Bug #68046
Next by Date: Processed: .
Previous by thread: Bug #68046
Next by thread: Processed: .
Index(es):
- Date
- Thread