Re: CVE-2016-0800 status for openssl 0.9.8o
On Wed, Mar 23, 2016 at 15:09:19 +0000, Mike LI wrote:
> Dear Debian developers:
> We still use 0.9.8 with Debian squeeze (lts) dist in production systems.
>
> As shown below,
> https://security-tracker.debian.org/tracker/CVE-2016-0800
>
> openssl (PTS)squeeze, squeeze (security)0.9.8o-4squeeze14vulnerable
> squeeze (lts)0.9.8o-4squeeze23 vulnerable
> Do you have plan/schedule when it will be fixed?
>
squeeze-lts reached end of life last month. No new fixes will be
released for it. You should upgrade to a supported release ASAP.
https://www.debian.org/News/2016/20160212
Cheers,
Julien
Reply to: