Apache/mod_ssl Worm
Dan Burcaw
yellowdog-general@lists.terrasoftsolutions.com
Tue Sep 17 15:55:00 2002
I believe the openssl update we put out in early August
rectifies the situation. It is the same code that
Red Hat put out in late July/early August.
I believe Red Hat backported the fix to 0.9.6b in order
to maintain completely compatibility.
>
> Is YDL 2.2 vulnerable to the Apache/mod_ssl Worm?
>
> Since the worm propagates by sending source code, it seems that running
> on an un-popular processor (PPC) is not the protection that it usually
> would be.
>
> It is claimed that "OpenSSL 0.9.6e" provides protection. I just did an
> "apt-get upgrade" on my YDL 2.2 system, so it should be up-to-date, yet
> I find via "rpm -qi openssl" that it's running "OpenSSL 0.9.6b"
>
> Just a thought...
>
> Rick
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
>