[TCLUG] Worm and openssl

[Nate Carlson]

On Thu, 19 Sep 2002, Bob Tanner wrote:
> > My question or delema... Since I have RedHat's version of openssl (0.9.6b)
> > and they say its been fixed, do I still update it and use the openssl
> > 0.9.6g from openssl.org's site or not?
>
> You are ok with RedHat's openssl.

Redhat's 'mostly' fixed it.. their version will still crash under certain
situations (or so I've gathered from Bugtraq), but it's not vulnerable.

-- 
Nate Carlson <natecars at real-time.com>   | Phone : (952)943-8700
http://www.real-time.com                | Fax   : (952)943-8500