On Tue, Feb 26, 2008 at 05:02:27PM -0600, Blasdel, Jerry wrote: > Viktor, > > http://www.securityfocus.com/bid/25831/info has 0.9.7m as being > vulnerable. > > I'm not sure how one can try to get them to correct it on their list. >
Sorry, my mistake, not theirs, the fix for this issue has not yet been released as part of a 0.9.7x patch release. 0.9.7 stable fix, not released: http://cvs.openssl.org/chngview?cn=16642 0.9.8 fix, released. http://cvs.openssl.org/chngview?cn=16643 -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]