January 06, 2003
Openssl

I don't normally run mod_ssl so didn't pay attention.. but if you're running it (and RedHat gives you mod_ssl by default, yucky yuck) and have openssl v 0.9.6c or lower.. you're vulnerable to .cinic worm. So go patch up.
May I just add.. RedHat is a pain to patch if you don't use an rpm..

Posted January 06, 2003 01:15 AM in Geek Stuff
TrackBack URL for this entry: http://www.unix-girl.com/mt/mt-tb.cgi/471
Comments
On January 6, 2003 12:49 PM Jeremy Zawodny added:

And RPMs are a pain, so....

#
On January 6, 2003 01:49 PM kasia added:

So, of course I went with lesser evil and built from source :)

#
On January 6, 2003 03:33 PM Techie2000 added:

I also hate RPMs. It's what drew me to Gentoo. SuSE was a great distro, but I hate RPMs. Gentoo builds everything from source and I just find it nice...:)

#
On January 6, 2003 04:55 PM Gav added:

Install apt-rpm* so it's just a matter of:

apt-get update
apt-get dist-upgrade

easy :)

* http://apt-rpm.tuxfamily.org/

#
On January 6, 2003 06:15 PM Matt added:

You have 226,571 config files that need updating. Type emerge --help config for details.

Hmm... time to clean up /etc

(no, I don't really have that many files that need updating)

#
On January 6, 2003 08:04 PM Techie2000 added:

ROFL. Time to get to work. I actually like their config protection system...

#
On January 9, 2003 04:20 PM kajtzu added:

RedHat's openssl is actually secure and all. Instead of upping the version to a current one their policy is usually to backport only the security patches. On a side note, net-snmp got upped from 5.0.1 to 5.0.6 recently contrary to the normal policy. :)

#
Trackbacks