On 05.03.2016 15:52, Adam Osuchowski wrote:
Elan Ruusamäe wrote:
>i don't know, doesn't that make openssl version vulnerable to DROWN attack?
If I understood security advisory correctly
(http://openssl.org/news/secadv/20160301.txt),
there should be no problems with 1.0.2g unless client/server
Elan Ruusamäe wrote:
> i don't know, doesn't that make openssl version vulnerable to DROWN attack?
If I understood security advisory correctly
(http://openssl.org/news/secadv/20160301.txt),
there should be no problems with 1.0.2g unless client/server uses SSLv2
or SSLv2 ciphersuites (that are dep
On 05.03.2016 15:07, Adam Osuchowski wrote:
Elan Ruusamäe wrote:
due nature of the change of recent openssl (removing symbol) and upstream
not tracking this in SONAME it is impossible to know what got broken
Maybe it's better to force enabling SSLv2 support than bump releases of
indefinite numb
Elan Ruusamäe wrote:
> due nature of the change of recent openssl (removing symbol) and upstream
> not tracking this in SONAME it is impossible to know what got broken
Maybe it's better to force enabling SSLv2 support than bump releases of
indefinite number of other packages.
It was rather unlik
On Sat, Mar 05, 2016 at 12:14:35AM +0200, Elan Ruusamäe wrote:
> and not sure it is correct scanning, as wget works without being rebuilt:
>
> # objdump -T /lib64/libcrypto.so.1.0.0|grep SSLv2
> 00106c00 gDF .text 00e1 Base
> RSA_padding_add_SSLv23
> 00106
On 04.03.2016 23:18, Elan Ruusamäe wrote:
due nature of the change of recent openssl (removing symbol) and
upstream not tracking this in SONAME it is impossible to know what got
broken
it's not that impossible to find, but rebuilding them is. here's list of
files affected (the first dir is n
On 04.03.2016 22:23, Andrzej Zawadzki wrote:
Hi,
please, don't break my notebook ;-)
/
//startkde: Starting up...//
///usr/bin/kdeinit4: symbol lookup error: /usr/lib64/libQtNetwork.so.4:
undefined symbol: SSLv2_server_method//
//startkde: Could not start kdeinit4. Check your installation./
tha
On 04.03.2016 21:33, Łukasz Maśko wrote:
> Dnia piątek, 4 marca 2016 21:23:24 Andrzej Zawadzki pisze:
>> Hi,
>>
>> please, don't break my notebook ;-)
>> /
>> //startkde: Starting up...//
>> ///usr/bin/kdeinit4: symbol lookup error: /usr/lib64/libQtNetwork.so.4:
>> undefined symbol: SSLv2_server_me
Dnia piątek, 4 marca 2016 21:23:24 Andrzej Zawadzki pisze:
> Hi,
>
> please, don't break my notebook ;-)
> /
> //startkde: Starting up...//
> ///usr/bin/kdeinit4: symbol lookup error: /usr/lib64/libQtNetwork.so.4:
> undefined symbol: SSLv2_server_method//
> //startkde: Could not start kdeinit4. Ch
Hi,
please, don't break my notebook ;-)
/
//startkde: Starting up...//
///usr/bin/kdeinit4: symbol lookup error: /usr/lib64/libQtNetwork.so.4:
undefined symbol: SSLv2_server_method//
//startkde: Could not start kdeinit4. Check your installation./
Downgrade openssl, uf
--
Andrzej
__
10 matches
Mail list logo
