>From the changelog: (via rpm -q --changelog) * Thu Aug 01 2002 Nalin Dahyabhai <[EMAIL PROTECTED]> 0.9.6b-28
- update asn patch to fix accidental reversal of a logic check * Mon Jul 29 2002 Nalin Dahyabhai <[EMAIL PROTECTED]> 0.9.6b-25 - add patch to fix ASN.1 vulnerabilities Wow!! That gives me a ton of information! That completely puts me at ease about the openssl exploit and Slapper.worm. Also it seemed lots of people on this list were questioning if 0.9.6b-28 was really safe or not.... So I got it directly from RedHat's mouth (so to speak) -----Original Message----- From: Trevor [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 1:48 PM To: [EMAIL PROTECTED] Subject: RE: Slapper Worm on openssl 0.9.6b(-28) "rpm -q --changelog openssl | grep ASN" can tell you the same thing... without the tech support <grin>. Trevor. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nick White Sent: Wednesday, September 18, 2002 2:11 PM To: '[EMAIL PROTECTED]' Subject: RE: Slapper Worm on openssl 0.9.6b(-28) That's exactly why I contacted RedHat... They don't have information anywhere about the worm on their web site. I received a response back from a higher level tech support person at RedHat confirming that the up2date openssl package 0.9.6b-28 is safe. (see RedHat's response below) Dear Sir, We apologize for the delay. Our Escalation point has responded and he said that the latest openssl update (the one that you have installed) is not vulnerable to the slapper worm. Red Hat Developers have already patched the package against the exploit used by the slapper worm. Regards, Erik This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. This communication represents the originator's personal views and opinions, which do not necessarily reflect those of the company. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
