Re: Aw: Re: [SECURITY] [DSA 2896-1] openssl security update

To: debian-security@lists.debian.org
Subject: Re: Aw: Re: [SECURITY] [DSA 2896-1] openssl security update
From: Paul Wise <pabs@debian.org>
Date: Sat, 12 Apr 2014 10:05:15 +0800
Message-id: <[🔎] CAKTje6Ej=0q2Gn2LK1O3FjGRe_XJAc0opRiZead1E+RHywehHA@mail.gmail.com>
In-reply-to: <[🔎] 53489E89.2070402@noflag.org.uk>
References: <E1WXHDi-0007bY-NH@master.debian.org> <[🔎] 534809AA.2000705@noflag.org.uk> <[🔎] trinity-f3090dbc-834c-45ec-8cca-501d4781f536-1397231562657@3capp-gmx-bs20> <[🔎] 53489E89.2070402@noflag.org.uk>

On Sat, Apr 12, 2014 at 10:01 AM, daniel wrote:

> Mod_spdy has a statically-linked vulnerable version of OpenSSL

That sounds like a pretty bad bug in your copy of mod_spdy, please ask
the vendor of your copy of mod_spdy to fix this by depending on the
OpenSSL shared library instead of statically linking with OpenSSL.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

References:
- Re: [SECURITY] [DSA 2896-1] openssl security update
  - From: daniel <daniel@noflag.org.uk>
- Aw: Re: [SECURITY] [DSA 2896-1] openssl security update
  - From: "Estelmann, Christian" <c.estelmann@gmx.net>
- Re: Aw: Re: [SECURITY] [DSA 2896-1] openssl security update
  - From: daniel <daniel@noflag.org.uk>

Prev by Date: Re: Aw: Re: [SECURITY] [DSA 2896-1] openssl security update
Next by Date: Re: [#41764] [SECURITY] [DSA 2902-1] curl security update
Previous by thread: Re: Aw: Re: [SECURITY] [DSA 2896-1] openssl security update
Next by thread: Re: [SECURITY] [DSA 2896-1] openssl security update
Index(es):
- Date
- Thread