[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2016-0800 status for openssl 0.9.8o

On Wed, Mar 23, 2016 at 15:09:19 +0000, Mike LI wrote:

> Dear Debian developers:
> We still use 0.9.8 with Debian squeeze (lts) dist in production systems. 
> 
> As shown below,
> https://security-tracker.debian.org/tracker/CVE-2016-0800
> 
> openssl (PTS)squeeze, squeeze (security)0.9.8o-4squeeze14vulnerable
> squeeze (lts)0.9.8o-4squeeze23 vulnerable
> Do you have plan/schedule when it will be fixed?
> 
squeeze-lts reached end of life last month.  No new fixes will be
released for it.  You should upgrade to a supported release ASAP.
https://www.debian.org/News/2016/20160212

Cheers,
Julien
Reply to: