I feel it was pretty appropriate. We upgraded to 0.9.6e when we
saw the vuln. Now they can do a DOS instead of a Buffer Overflow
correct? The consensus in my development team was that was much better
to be able to crash the application that be able to obtain access to the
box. The only bad thing you could say it the fact that our release date
was the same day that g came out.. Oh well. :)- Andrew T. Finnell Active Solutions L.L.C [EMAIL PROTECTED] > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Aleksey Sanin > Sent: Friday, August 09, 2002 9:53 PM > To: [EMAIL PROTECTED] > Subject: Re: [ANNOUNCE] OpenSSL 0.9.6g released > > > > > > > >> The issue here is responsiveness yet maintaining stability and > >> compilability in the releases. There should only have been _ONE_ > >> release, not _THREE_. > > > Please, raise your hands everyone who never was in the same > situation! > This is the life, > move forward! Now OpenSSL team has a stable release and an > expirience on > how to > deal with such situation. Cross your fingers and they will > never do it > again :) > > > Aleksey Sanin > > BTW, thanks for creating patches and new release(s) soo quickly! > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
