On Mon, Feb 24, 2003 at 07:41:20PM -0500, Raymond Wood wrote: > > For the unstable distribution (sid) this problem has been fixed in > > version 0.9.7a-1. > > > > We recommend that you upgrade your openssl packages. > [snip] > > On sid/unstable, I have installed all the recommended patches, > including installing libssl0.9.7 (version 0.9.7a-1). > > I notice, however, that the old version i.e. > ii libssl0.9.6 0.9.6i-1 SSL shared libraries (old version) > is still installed. Furthermore there are a large number of > installed software packages that show dependencies on the old > version of libssl. > > Am I (potentially) vulnerable by virtue of have the old version > above still installed on my system?
Read /usr/share/doc/libssl0.9.6/changelog.Debian.gz. -- - mdz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
