Summary: | 2 Security Vulnerabilities in openssl (0.9.6c to 0.9.6k and 0.9.7a to 0.9.7c) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | aliz, avenj, m.debruijne, tigger, wschlich |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://http://www.openssl.org/news/secadv_20040317.txt | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2004-03-17 05:58:36 UTC
Aliz - would you put together an ebuild for 0.97d and 0.96m? I'll have them ready within an hour. I'll mask them and let you guys unmask them when you're ready. 0.9.7d and 0.9.6m are now unmasked. ~0.9.7c hardmasked in packages.mask Sparc64 works here. Sparc32 needs to be tested though (i can't) It took well over 30 mins to fetch openssl from any server so I pushed a copy of m & d out via out distfiles-local so end users wont have the same problem at fetch time. ~arch 0.9.7d builds and seems to works correctly over here. Arch-Maintainers: Please test 0.9.7d and 0.9.6m (x86, ppc, sparc, mips, alpha, hppa) so we can push this through today. Please don't take this as being surly, as it's not. But since both of the ebuilds are already stable, why ask for testing? It doesn't seem we can go backwards. Sorry - I don't have CVS access, packages.g.o and viewcvs do not have it marked as stable. GLSA to go out asap. |