On Tue, Jan 07, 2003 at 08:00:11AM -0700, Miles Beck wrote: > Is there an updated OPENSSL package for Debian greater than OpenSSL-0.9.6c?
Yes, 0.9.6c-2.woody.1. It contains all the security fixes present in openssl-0.9.6g. > ~/Net_SSLeay.pm-1.21$ perl Makefile.PL > Checking for OpenSSL-0.9.6g or newer... > You have OpenSSL-0.9.6c installed in /usr > openssl-0.9.6d and earlier versions have security flaws, see advisory at > www.openssl.org, upgrading to openssl-0.9.6g is recommended. This perl module is being stupid. It is merely checking the version string and basing its idea of the security of openssl on that. The security problems it thinks are present are not, in fact, present. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
msg08380/pgp00000.pgp
Description: PGP signature
