OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Trojan)

ne... guhvies at gmail.com
Sat Dec 4 21:51:34 UTC 2004


On Sat, 04 Dec 2004 17:24:01 +0100 (CET), thomas.skybakmoen at runbox.no
<thomas.skybakmoen at runbox.no> wrote:
> > thomas.skybakmoen at runbox.no wrote:
> > > May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
> > >
> >
> > Have you looked at the changelog in openssl? Any security issues
> > are backported to the rpm and the name remains the same.
> >
> > HTH
> Yes, one can do this with all packages.. but it still does not answer my question...
Within point releases of openssl, the API/ABI has been known
to change. Don't ask where I read this 'cause I cannot remember.

N.Emile...
-- 
Registered Linux User # 125653 (http://counter.li.org)
Certified: 75% bastard, 42% of which is tard. 
http://www.thespark.com/bastardtest




More information about the fedora-list mailing list