Nico Golde schrieb: > Hi Christoph, > * Christoph Martin <[EMAIL PROTECTED]> [2008-05-28 17:13]: >> Nico Golde schrieb: >>> Package: openssl >>> Version: 0.9.8f-1 >>> Severity: grave >>> Tags: security > [...] >>> | Testing using the Codenomicon TLS test suite discovered a flaw in the >>> | handling of server name extension data in OpenSSL 0.9.8f and OpenSSL >>> | 0.9.8g. If OpenSSL has been compiled using the non-default TLS server >>> | name extensions, a remote attacker could send a carefully crafted >>> | packet to a server application using OpenSSL and cause a crash. >> This one does not affect the current Debian version, since it is not >> compiled with the tlsext option. > > Did you miss: > CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 > zlib enable-tlsext > > ^^^^^^^^^^^^ Sorry. You are right. I stand corrected.
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: [EMAIL PROTECTED]
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
signature.asc
Description: OpenPGP digital signature
