I was under the understanding that it was fixed with the latest packages (
listed below ).
However , the libssl.so that apache calls , comes with the mod_ssl package.
I'm wondering how that was compiled up and if it has the latest fixes.
I would like Redhat to make a statement either way - whete
All,
I'm replacing a bunch of IIS servers with Apache/SSL , and was wondering
about the new CERT Advisory " CA-2002-27 Apache/mod_ssl Worm ". I've
downloaded the latest openssl from Redhat ( openssl-0.9.6b-28 ) . I wanted
to double check that version prevents the new worm from hitting our Apache
