Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] OpenSSL Vulnerability
  • From: Stefan Nilsen <stefan.nilsen@xxxxxxxxx>
  • Date: Mon, 16 Sep 2002 00:37:14 +0200
  • Message-id: <200209160037.14818.stefan.nilsen@xxxxxxxxx>
> Just run "rpm -q openssl --changelog"
>
> > OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow
> > Vulnerability http://online.securityfocus.com/bid/5363/solution
> >
> > Linux.Slapper.Worm
> > http://securityresponse.symantec.com/avcenter/venc/data/linux.slapp
> >er.worm.html
> >
> > Users are strongly encouraged to upgrade existing versions of
> > OpenSSL to version 0.9.6e or 0.9.7beta3.
>
> No need if you are using SuSE packages:
>
> on 7.3 (openssl-0.9.6b-150):
> * Fri Jul 26 2002 - okir@xxxxxxx
>
> - Added security patch for remotely exploitable buffer overflows
>
>
> on 8.0 (openssl-0.9.6c-80)
> * Fri Jul 26 2002 - okir@xxxxxxx
>
> - Added security patch for remotely exploitable buffer overflows
>
> Regards, -Kastus

How about SuSE 7.0?

Do I have to upgrade, or will patched versions come to this version?


< Previous Next >