Well, OpenSSL updates are nasty as god-knows-what is compiled against it. Either statically or dynamically.
Man ... after that detailed a write up, I hope *I* didn't just cause you to miss some sleep. ;)
Yeah, I knew there where lots of things linked against it, but I honestly didn't realize it was quite that much. I'm not real excited about the DoS potential, but it's better than giving someone access ... and worst case, I can just shut down https access to sites that don't need it if a DoS attack starts.
Thanks for the detailed response!
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
_______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
