On Fri, Mar 30, 2007 at 11:31:57AM -0700, Kirsten Petersen wrote: > We are seeing this issue with libssl 0.9.8c-4 on a debian etch box. > Will there be a fix for this version available in etch?
This really should have been fixed in 0.9.8c-4. This has also been fixed upstream in the 0.9.8c version. No version in etch should be affected by this bug. You're also like the only one complaining, so I have the feeling something else is wrong. Can you tell me a little more about the problem you're seeing? Is it easy to reproduce? Can you reproduce it using openssl? Is it a self written application, or something else that's available in Debian? Do you know what the other side of the connection is using? There are some other "bad record MAC" bugs open. I think most of them are related to multithreaded applications that don't use the CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() functions. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
