Hi, the worm uses an error in the openssl package. So if you upgraded the openssl package from http://ftp.gwdg.de/pub/linux/suse/ftp.suse.com/suse/i386/update/7.1/sec1/ope... you should be secure. With all that people panicing around, maybe a seperate security announcement containing the necessary fixes (that are just links to the old updated packages... :P ) would be a good idea? ciao Tom Markus Gaugusch wrote:
On Sep 16, Olaf Kirch
wrote: Slapper is using an OpenSSL mod_ssl exploit reported and patched at http://www.openssl.org/news/secadv_20020730.txt. The security update openssl release 20020812 by SuSE fixes the problem? Thanx
It does.
Olaf
Why is mod_ssl.rpm from suse 7.1 dated 29-Jul-2002 13:47 ? Am I at risk???
I looked at http://ftp.gwdg.de/pub/linux/suse/ftp.suse.com/suse/i386/update/7.1/sec2/
Markus
-- this is a maillist account, so please send personal replies to cso[at]trium[dot]de