[Pkg-openssl-devel] Bug#603709: Bug#603709: openssl: CVE-2010-3864
Kurt Roeckx
kurt at roeckx.be
Fri Nov 19 19:15:13 UTC 2010
On Fri, Nov 19, 2010 at 12:15:45PM +0200, Ivan Zahariev wrote:
> Hi Kurt,
>
> On "16 Nov 2010 18:57:45 +0100" you wrote that you uploaded
> "openssl-0.9.8g-15+lenny9" to the security archive, but this package
> version is still not available online:
>
> http://security.debian.org/debian-security/pool/updates/main/o/openssl/
>
> Furthermore, as expected, "apt-get upgrade" does not install the
> "lenny9" version of OpenSSL, and all stable Debian installations are
> still vulnerable.
You will need to wait until the security team has release the DSA
before it's available.
Kurt
More information about the Pkg-openssl-devel
mailing list