Hi! Someone could please tell me how can I verify that these security bugs are fixed or not in openbsd-3.9-stable?
PHP: CVE-2006-4020 [0] OpenSSL: CVE-2006-4339 [1] OpenSSL: I'm updating my source tree regurarly and didn't notice any changes to openssl's sources. PHP: I can verify that the php5-core sources from ports (-stable) doesn't contain the patch from the php bug tracker [2]. I think it means that my current php5 install is vulnerable to this flaw. Do I need to manually apply the patch, or there will be an update to this? Thanks! Daniel Links: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 [1] http://www.openssl.org/news/secadv_20060905.txt [2] http://bugs.php.net/bug.php?id=38322 -- LeVA
