16 Sep
2002
16 Sep
'02
14:45
On Mon, Sep 16, 2002 at 04:37:02PM +0200, Markus Gaugusch wrote:
The security update openssl release 20020812 by SuSE fixes the problem? Thanx
It does.
Olaf Why is mod_ssl.rpm from suse 7.1 dated 29-Jul-2002 13:47 ? Am I at risk???
All security holes discussed in http://www.openssl.org/news/secadv_20020730.txt refer to bugs in the OpenSSL libraries themselves, i.e. libssl and libcrypto. The vulnerability exploited by the worm is not in the mod_ssl module itself, it's in these libraries. Hope this sheds some light on the issue. Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann