Am Mi, den 01.12.2004 schrieb scootgirl.com um 2:04: > Hi Rahul, > > I used that tool and it said everything on my system was OK except the > following: > > [16:55:09] Scanning OpenSSL... > [16:55:09] /usr/bin/openssl found > [16:55:09] Version 0.9.7a seems to be vulnerable (if unpatched)! > > I wonder if this is a false positive since I use the up2date tool > frequently. If not, where can I get this patch? > Karen Its a false positive. Lame tools just checking for application version numbers bring lame results. On distributions like Fedora with packages which are nearly always patched such tools do mostly just irritate. Check the bug reports and the RPM's changelog. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp Serendipity 02:07:21 up 10 days, 20:54, load average: 0.77, 0.58, 0.46
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
