OpenSSL and OpenSSH vulnerabilities
Joseph Suarez
sofocles1030 at hotmail.com
Tue Oct 12 12:32:22 UTC 2004
Hi,
As I understand it OpenSSL v 0.9.7a and OpenSSH v 3.6.1p2 used in FC2 have
had vulnerabilities for quite some time, as per the following advisories:
(http://www.openssl.org/news/secadv_20040317.txt)
(http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:090)
My question is: are these vulnerabilities serious enough so that said
libraries need to be updated, which leads to next question, as to where to
find these updates (as there are presently none) on the FC2 updates mirror
sites, in order to perform updates via "yum" for example?
TIA, and please forgive my ignorance if thats the case :)
Joseph
_________________________________________________________________
Check out Election 2004 for up-to-date election news, plus voter tools and
more! http://special.msn.com/msn/election2004.armx
More information about the fedora-list
mailing list