DESCRIPTION: Andy Polyakov has reported a vulnerability in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error within the DTLS implementation. Successful exploitation may allow the execution of arbitrary code. Note: Reportedly, this vulnerability affects only clients and servers explicitly using DTLS. The vulnerability is reported in all versions of 0.9.8 prior to 0.9.8f. SOLUTION: Update to version 0.9.8f and rebuild all packages using OpenSSL for DTLS. PROVIDED AND/OR DISCOVERED BY: Andy Polyakov ORIGINAL ADVISORY: http://www.openssl.org/news/secadv_20071012.txt
ebuild for 098f or patch needed
there is a search function, please use it *** This bug has been marked as a duplicate of bug 195634 ***
(In reply to comment #2) > there is a search function, please use it > > *** This bug has been marked as a duplicate of bug 195634 *** > hm, I did search, but not for closed bugs and since I was not able to see an update for openssl in portage, I thought it was not fixed. sorry, my fault
hm, may be I searched before the original bug was written... so a race condition ;)
