Re: OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Trojan)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Mi, den 01.12.2004 schrieb scootgirl.com um 2:04:

> Hi Rahul,
> 
> I used that tool and it said everything on my system was OK except the 
> following:
> 
> [16:55:09] Scanning OpenSSL...
> [16:55:09] /usr/bin/openssl found
> [16:55:09] Version 0.9.7a seems to be vulnerable (if unpatched)!
> 
> I wonder if this is a false positive since I use the up2date tool 
> frequently. If not, where can I get this patch?

> Karen

Its a false positive. Lame tools just checking for application version
numbers bring lame results. On distributions like Fedora with packages
which are nearly always patched such tools do mostly just irritate.
Check the bug reports and the RPM's changelog.

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp 
Serendipity 02:07:21 up 10 days, 20:54, load average: 0.77, 0.58, 0.46 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux