Menu
▾
▴
Re: [tbox-l] Openssl
|
From: Reza A. <ar...@au...> - 2006-09-25 18:20:57
|
Hi Sam, On 21 Sep 2006, 10:19AM CDT, Sam...@in... wrote: > There is a Cert advisory out for some time now with a fix in openssl > 0.9.7h and above. The openssl in the Toolbox has been 0.9.7g for some > time now. Is there anyway to get an update to a more recent level? Our 0.9.7g package was indeed rebuilt with the fix for CVE-2006-4339. It is available at <http://www6.software.ibm.com/dl/aixtbx/aixtbx-p>. OpenSSL is an important package, and a moving target at that. We're currently pushing through the red tape needed to release 0.9.8c. All I can say is we'll have it out there as soon as we are cleared to. Alternatively, it's not too tough to build a newer openssl package from our spec file if you want to jump to 0.9.8 right now. Thanks for the heads up on the CERT advisory. I appreciate it. -- Reza Arbab ar...@au... |
