I was under the understanding that it was fixed with the latest packages ( listed below ).
However , the libssl.so that apache calls , comes with the mod_ssl package. I'm wondering how that was compiled up and if it has the latest fixes. I would like Redhat to make a statement either way - wheter the fixes are included or not . If so , how did .buqtrac.c get on your system ? Best I can tell by cross checking errata is that they were fixed . However , now I'm wondering ... Billy > ---------- > From: Jiann-Ming Su[SMTP:[EMAIL PROTECTED]] > Reply To: [EMAIL PROTECTED] > Sent: Tuesday, September 17, 2002 2:26 PM > To: [EMAIL PROTECTED] > Subject: New CERT Advisory on Apache/mod_ssl? > > In regards to the most recent advisory: > http://www.cert.org/advisories/CA-2002-27.html > > Does RH have an updated RPMS to secure this vulnerablility? I'm currently > running RH7.3 with the latest updates from rhn: > > openssl-perl-0.9.6b-28 > openssl-devel-0.9.6b-28 > openssl-0.9.6b-28 > mod_ssl-2.8.7-6 > > However, the .bugtraq.c source code was left in my /tmp directory. It > doesn't > appear to have been compiled or executed, though I still haven't quite > figured > out how that could happen. Anyway, will RH have new openssl and mod_ssl > rpms available soon, or am I left to compiling from source code? Thanks > for > any info. > > -- > Jiann-Ming Su [EMAIL PROTECTED] 404-712-2603 > Development Team Systems Administrator > General Libraries Systems Division > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
