[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-dev
Subject: Re: OpenSSL patches for other versions
From: Richard Levitte - VMS Whacker <levitte () stacken ! kth ! se>
Date: 2002-07-31 12:03:04
[Download RAW message or body]
In message <00ef01c2388a$0ecaa8c0$390110ac@kovaiteam> on Wed, 31 Jul 2002 17:29:32 +0530, "kumar" <kumaresh_ind@gmx.net> said:
kumaresh_ind> Hello all,
kumaresh_ind> I am using OpenSSH with OpenSSL(0.9.6d)
kumaresh_ind> What is the impact of this OpenSSL vulnerability in openssh?
kumaresh_ind> Anyone have answers.Please share.
As long as OpenSSH doesn't touch anything related to SSL or ASN.1, you
should be safe. OpenSSH doesn't talk SSL, and as far as I know, it
doesn't handle certificates yet (that's where ASN.1 would come in).
If OpenSH handles certificates, it should be possible to disable that
until you have made appropriate upgrades.
My 2 cents...
--
Richard Levitte \ Spannvägen 38, II \ LeViMS@stacken.kth.se
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- poei@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic