Subject: Re: openssh and 1.5.4_ALPHA openssl version
To: Frederick Bruckman <firstname.lastname@example.org>
From: David Brownlee <email@example.com>
Date: 08/20/2002 12:00:36
On Tue, 20 Aug 2002, Frederick Bruckman wrote:
> On Tue, 20 Aug 2002, David Brownlee wrote:
> > Is UPDATE_INTREE_OPENSSH still supposed to work with 1.5.x?
> > /pkgsrc/security/openssh)65# make UPDATE_INTREE_OPENSSH=1
> > ===> OpenSSL>=0.9.5a in the base distribution is required.
> > /pkgsrc/security/openssh)66# openssl version
> > OpenSSL 0.9.5a 1 Apr 2000
> I guess not. The base openssl in 1.5.4_ALPHA seems to be vulnerable to
> the DoS fixed in openssl-0.9.6f.
At the very least the IGNORE message should be updated to reflect
David/absolute -- www.netbsd.org: No hype required --