Subject: OpenSSL CVE-2007-4995 in netbsd-3
To: None <>
From: Brian A. Seklecki <>
List: tech-security
Date: 11/27/2007 11:34:47
I don't see a pullup in the changelog for -rnetbsd-3:

According to:

"Versions Affected

 All releases of 0.9.8 prior to 0.9.8f. All releases of 0.9.7 prior to

3-stable seems to have:

$ openssl version
OpenSSL 0.9.7d 17 Mar 2004

We should patch it.  I'm looking into it now.