Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: David on February 25, 2003, 01:03:11 AM

Title: Open SSL/Security
Post by: David on February 25, 2003, 01:03:11 AM

Hi !

Open SSL have a security hole :
http://www.openssl.org/news/secadv_20030219.txt

And I suppose the bug is also in sshd.

Do you think there will be an update soon about that ? Or do we have to use redhat packages ?

Thanks,

David

Title: Re: Open SSL/Security
Post by: Bill Talcott on February 25, 2003, 05:32:32 PM

Did you send this to the security team via email?

Title: Re: Open SSL/Security
Post by: David on February 25, 2003, 05:40:28 PM

No I didn't... I don't have the email of the Security team.

Title: Re: Open SSL/Security
Post by: Dan Brown on February 25, 2003, 05:50:31 PM

smesecurity@mitel.com

Title: Re: Open SSL/Security
Post by: Nathan Fowler on February 25, 2003, 08:22:56 PM

I use the RH updates and have no issues.  I'd also look at upgrading Apache, Mod-SSL, OpenSSH, and any others that you can.

http://rhn.redhat.com/errata