This one time, at band camp, O Plameras wrote: >What I know is there is security issue. I did not know that openssl-0.9.7f >has been patched to fix this problem until I saw a number of post on this >list. But the 0.9.8a release has the fix according to their site. So, I >tried >to go for it.
Subscribing to the security annoucements list for your distribution will alert you to the availability of patched packages as soon as they're available, and these announcements always contain details of the security issues that have been fixed (i.e. CVE numbers, etc). These are also published on the distros security site: Red Hat: http://www.redhat.com/security/updates/ Debian: http://www.debian.org/security/#DSAS Fedora annoucements appear to only go to their annouce mailing list, which does have a publicly browsable archive. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
