Re: openssl-0.9.6c-2.woody.0 not vulnerable, right?

To: debian-user@lists.debian.org
Subject: Re: openssl-0.9.6c-2.woody.0 not vulnerable, right?
From: Vineet Kumar <debian-user@virtual.doorstop.net>
Date: Sat, 14 Sep 2002 15:03:21 -0700
Message-id: <[🔎] 20020914220321.GA53491@doorstop.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] E17qJGV-0000iW-00@alpine>
References: <[🔎] E17qJGV-0000iW-00@alpine>

* Alan Su (alsu@cs.ucsd.edu) [020914 13:12]:
> i just want to check on something here.  when i first upgraded to
> woody, i read <http://www.debian.org/security/2002/dsa-136>.  this
> advisory seems to indicate that the 0.9.6c version of openssl that is
> in woody has been patched to eliminate the widely-discussed
> vulnerability in openssl versions before 0.9.6e.  in other words, i

See a recent thread on debian-security, in particular
archive/latest/8908 .

According to that discussion, it would seem that 0.9.6c-2.woody.0 is
safe from this.

good times,
Vineet
-- 
http://www.doorstop.net/
-- 
http://www.aclu.org/		It's all about Freedom.

Attachment: pgpL99zhEcMbr.pgp
Description: PGP signature

Reply to:

References:
- openssl-0.9.6c-2.woody.0 not vulnerable, right?
  - From: "Alan Su" <alsu@cs.ucsd.edu>

Prev by Date: question about /etc/passwd entries
Next by Date: Re: openssl-0.9.6c-2.woody.0 not vulnerable, right?
Previous by thread: openssl-0.9.6c-2.woody.0 not vulnerable, right?
Next by thread: Re: openssl-0.9.6c-2.woody.0 not vulnerable, right?
Index(es):
- Date
- Thread