recent OpenSSL vulnerabilities

To: debian-security@lists.debian.org
Subject: recent OpenSSL vulnerabilities
From: Pavel Jurus <jurus@cs.cas.cz>
Date: Tue, 25 Mar 2003 09:51:02 +0100
Message-id: <[🔎] 20030325085102.GA1140@cs.cas.cz>

Hello,
I have seen two or three questions but no answer on this list. What
is the status of vulnerabilities announced on http://www.openssl.org/
from 17-Mar-2003 and 19-Mar-2003. Are the debian packages vulnerable?

I'm not sure whether i should wait for updated packages, file a bug
against libssl0.9.6, and/or just patch/compile everything by hand and
remove corresponding debian packages.

Pavel Jurus

Reply to:

debian-security@lists.debian.org
Pavel Jurus (on-list)
Pavel Jurus (off-list)

Prev by Date: Problem with kernel messages
Next by Date: Re: [SECURITY] [DSA 265-1] -- BAD SIGNATURE !?
Previous by thread: Re: Problem with kernel messages
Next by thread: Earn more without ever taking more classes
Index(es):
- Date
- Thread