----- Original Message ----- From: "Thomas J. Hruska" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, November 05, 2004 4:08 PM Subject: Re: OpenSSL as part of OpenSA using Windows 2000
> At 08:33 AM 11/5/2004 +0000, Mike Hart writeth: > >Hello > > > >I have OpenSA 1.0.4 Installed on a Windows 2000 Server, there is a > >Denial of Service vulnerability with the OpenSSL 0.9.6g portion of > >this installation that requires OpenSSL to be upgraded to OpenSSL > >0.9.7d or 0.9.6m. There seems to be no further upgrades available for > >OpenSA that include updated OpenSSL. My question is - is there a > >simple way to upgrade the OpenSSL Component of OpenSA with version > >0.9.7e. > > > >Any advice would be appreciated. > > > >Regards > > > >Mike Hart > > Hello Mike, > > If it is dynamically linked, you could try deleting the OpenSSL DLLs from > the OpenSA directory and then use: > > http://www.slproweb.com/products/Win32OpenSSL.html > > > If it is statically linked, you are out of luck. Try contacting OpenSA. > > > Thomas J. Hruska > [EMAIL PROTECTED] > > Shining Light Productions > Home of the Nuclear Vision scripting language and ProtoNova web server. > http://www.slproweb.com/ > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] OpenSA has horrible support, as in the non-existant type. Try downloading and installing the Web server from www.devside.net. Usually works right out of the box. Kevin ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]