Re: Installing libSSL 0.9.8 in debian jessie

To: venkat <venkat.s@vortexindia.co.in>
Cc: debian-user@lists.debian.org
Subject: Re: Installing libSSL 0.9.8 in debian jessie
From: Dan Ritter <dsr@randomstring.org>
Date: Thu, 3 Mar 2016 11:42:36 -0500
Message-id: <[🔎] 20160303164236.GK23158@randomstring.org>
In-reply-to: <[🔎] 56D83984.6000604@vortexindia.co.in>
References: <[🔎] 56D7E998.7030104@vortexindia.co.in> <[🔎] 20160303125621.GJ23158@randomstring.org> <[🔎] 56D83984.6000604@vortexindia.co.in>

On Thu, Mar 03, 2016 at 06:47:56PM +0530, venkat wrote:
> I have existing library which is built on 0.9.8 and i will be able to
> use it directly without any issues

Are you aware that 0.9.8 has the following security problems:

https://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/version_id-26306/Openssl-Openssl-0.9.8.html

including remote code execution?

It would be much better if you recompile your application
against a modern version, and make sure you keep it up to date.

-dsr-

Reply to:

References:
- Installing libSSL 0.9.8 in debian jessie
  - From: venkat <venkat.s@vortexindia.co.in>
- Re: Installing libSSL 0.9.8 in debian jessie
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Installing libSSL 0.9.8 in debian jessie
  - From: venkat <venkat.s@vortexindia.co.in>

Prev by Date: Re: which files took the space
Next by Date: Re: XFS on root
Previous by thread: Re: Installing libSSL 0.9.8 in debian jessie
Next by thread: apt-get crashes when trying to update google-chrome 32 bit
Index(es):
- Date
- Thread