openssl Vulnerabilities in ASN.1 parsing

From: Garrett, Matt M SITI-ITDIEEE (matt.garrett@shell.com)
Date: Wed Oct 01 2003 - 13:03:44 EDT

• Next message: Debbie Tropiano: "Sun Blade 100 & Firewire (IEEE 1394)"
• Previous message: Lewars, Mitchell (EM, PTL): "Adding X6541A to Solaris 8 on an E220R."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Folks

It looks like there is a problem with openssl 0.9.7b and below
http://www.openssl.org/news/secadv_20030930.txt

Question is , does openssh and other programs that rely on openssl need to be
re-compiled

My feeling is no because openssh and other such programs were not compiled as
a static programs.

Any thoughts ?

Matt

Matthew Garrett
Unix System Support
Shell Information Technology International Limited
Seafield House, North Anderson Drive, Aberdeen AB15 6GZ, United Kingdom
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Debbie Tropiano: "Sun Blade 100 & Firewire (IEEE 1394)"
• Previous message: Lewars, Mitchell (EM, PTL): "Adding X6541A to Solaris 8 on an E220R."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:27:13 EDT