Bug 118622 - OpenSSL updated needed for CAN-2004-0079, CAN-2004-0081, CAN-2004-0112
Summary: OpenSSL updated needed for CAN-2004-0079, CAN-2004-0081, CAN-2004-0112
Alias: None
Product: Fedora
Classification: Fedora
Component: openssl (Show other bugs)
(Show other bugs)
Version: 1
Hardware: All Linux
Target Milestone: ---
Assignee: Joe Orton
QA Contact:
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2004-03-18 13:28 UTC by Joe Orton
Modified: 2007-11-30 22:10 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-03-25 10:17:00 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Joe Orton 2004-03-18 13:28:09 UTC
Description of problem:
CAN-2004-0079 and CAN-2004-0079 affect the openssl-0.9.7a packages
shipped in Fedora Core 1.  CAN-2004-0081 affects the openssl096 and
openssl-096b compat packages shipped in Fedora Core 1.

This is a tracker bug for this issue.

Comment 1 Daniel Roesen 2004-03-18 14:19:46 UTC
All this is fixed already for RH9. Why no rebuild and pushing it out
for FC1?

Comment 3 Robert Scheck 2004-03-18 18:07:25 UTC
Strange, the "stuff", as you write it in your posting at the 
mailinglist is tested for RH9 - and what's up with RHEL3? There is
an update available...untested?! So the latest update from OpenSSL for
RHEL3 and Fedora Development don't differ much. 

I still can't understand why the problem is fixed in the old RH9 (which
is near EOL), but also in the new RHEL3 which has approximately the 
same version as FC1/Rawhide, but there it isn't solved. ?:-|

Comment 4 Joe Orton 2004-03-18 19:55:36 UTC
FC1 update packages were made available for testing earlier today as
per fedora-test posting.  If you wish to accelerate progress of these
updates then test the packages and post results here.  Please keep any
other discussion to the mailing list. 

Comment 5 Kaj J. Niemi 2004-03-19 14:06:27 UTC
openssl-0.9.7a-33.10 Works For Me(tm) on the about 10 FC1 servers I
installed it on so far. There have been no issues with it during
upgrade/freshen and/or operation. Services in use are ssh, mod_ssl,
imapd with ssl. I'll upgrade the rest during the weekend but am not
expecting any problems.

Just a confirmation that things seem to work.

Comment 6 Joe Orton 2004-03-25 10:17:00 UTC
Thanks Kaj for posting your feedback; the update was released last Friday.

Note You need to log in before you can comment on or make changes to this bug.