On Thursday, 16.11.2006 at 21:50 +0100, Stephan Seitz wrote:
> On Thu, Nov 16, 2006 at 08:25:00PM +, Dave Ewart wrote:
> >to which the machine is put. Kernel bugs are normally only
> >exploitable by local users; SSL bugs are most likely to be
> >exploitable remotely. If
>
> Only partly true
On Thu, Nov 16, 2006 at 08:25:00PM +, Dave Ewart wrote:
to which the machine is put. Kernel bugs are normally only exploitable
by local users; SSL bugs are most likely to be exploitable remotely. If
Only partly true, I think. If you have a server application like apache,
which has a bug
On Thursday, 16.11.2006 at 12:08 -0800, Kevin B. McCarty wrote:
> > I had a strong *shrug* when i noticed that my stable system
> > (originally woody, upgraded to sarge without kernel change) still
> > had
> ^^^
> If you are running Debian-p
; OpenSSL version 0.9.7e installed, despite a dayly dist-upgrade.
>
> After looking at debian's sarge repository, i saw that the most up to
> date package is 0.9.7e-3sarge4, which i have (0.9.7 dates back from
> 2004). My question is, why on earth don't we have a newer ve
2006/11/15, Nicolas Pillot <[EMAIL PROTECTED]>:
I though that all the security fixes were included into sarge, am i wrong ?
If someone could give me some details, i'd be quite happy to learn :-)
After some research, it looks like the debian patch, named
[openssl_0.9.7e-3sarge4.diff.gz] has a mo
I had a strong *shrug* when i noticed that my stable system
(originally woody, upgraded to sarge without kernel change) still had
OpenSSL version 0.9.7e installed, despite a dayly dist-upgrade.
After looking at debian's sarge repository, i saw that the most up to
date package is 0.9.7e-3s
6 matches
Mail list logo