On Wed, Aug 15, 2007 at 07:46:34PM +0200, Kurt Roeckx wrote: > > For HEAD the fixes are: > http://cvs.openssl.org/chngview?cn=16275 > http://cvs.openssl.org/chngview?cn=16282 > http://cvs.openssl.org/chngview?cn=16306 > > For 0.9.8e you need: > http://openssl.org/news/patch-CVE-2007-3108.txt > > Which is a combination of: > http://cvs.openssl.org/chngview?cn=16277 > http://cvs.openssl.org/chngview?cn=16308
If you only applied the first of those, make test fails (as expected) with: wap-wsg-idm-ecid-wtls9: failed ECDSA test failed 3366:error:0307706E:bignum routines:BN_mod_lshift_quick:input not reduced:bn_mod.c:273: make[2]: *** [test_ecdsa] Error 1 All openssl 0.9.8 packages in Debian run the testsuite during build and fail on this if you got the wrong patch. The 0.9.7 versions don't and will fail silently. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
