You can disregard the following email if you don't use Red Hat Linux 7.0 and above.
Having waited for an update to openssl from RedHat, I decided to call them. They've not had anyone ask them for an update, which came as a bit of a shock. I have therefore registered a request to release an update to openssl via their bugzilla site. For information, the vulnerability that Linux Slapper takes advantage of was fixed in openssl on 30th July. See http://www.cert.org/advisories/CA-2002-23.html for details. The previous openssl errata at http://rhn.redhat.com/errata/RHSA-2002-160.html has no mention of the buffer overflows fixed on July 30th. This package was built on August 1st, so it is unlikely to include the 0.9.6d patches due to the time lag of testing patches by Red Hat. You can add your comments to the bug report at https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=74312. If I haven't heard from them soon, I will probably release an update myself. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Reality TV - the ultimate oxymoron - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]