[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- From: "paulos" <paulos@xxxxxxxxxxxxxx>
- Date: Mon Sep 16 01:38:00 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Has anyone looked at disabling SSLv2 as mentioned in the CERT advisory?
Might be the only thing we can do right now until Sun rush out a
fix/upgrade...
---------- Original Message -----------
From: Chris Adams <cmadams@xxxxxxxxxx>
To: cobalt-developers@xxxxxxxxxxxxxxx
Sent: Sun, 15 Sep 2002 22:18:02 -0500
Subject: [cobalt-developers] Re: OpenSSL patch for Linux worm?
> Once upon a time, Sherwin T. Ang <sherwin@xxxxxxxxxx> said:
> > will cobalt release a package for this? or are they on a holiday, it's
been
> > a day since the flaw came out, darn. i am starting to feel the effect of
Sun
> > taking over Cobalt.
>
> Actually, it has been almost three months since security holes were
> fixed in mod_ssl (the Apache module for SSL) and over six weeks since
> security holes were fixed in OpenSSL (the library that handles SSL).
> Sun has not released an update for the RaQs that fixes either
> problem, even though they've released fixes for Solaris IIRC.
> --
> Chris Adams <cmadams@xxxxxxxxxx>
> Systems and Network Administrator - HiWAAY Internet Services
> I don't speak for anybody but myself - that's enough trouble.
>
> _______________________________________________
> cobalt-developers mailing list
> cobalt-developers@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-developers
------- End of Original Message -------