On Mon, Nov 04, 2002 at 10:55:53AM -0500, andrew lattis wrote: > i'm assuming these also apply to apache-ssl, but there doesn't appear to > be a new package. is it still in the works or is apache-ssl not > vulnerable? The former. -- - mdz