Date: Wed, 15 Dec 1999 11:16:03 -0700 From: Warner Losh <imp@village.org> To: Chris Johnson <cjohnson@palomine.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: CERT released RSAREF bulletin Message-ID: <199912151816.LAA62258@harmony.village.org> In-Reply-To: Your message of "Wed, 15 Dec 1999 05:01:49 EST." <19991215050149.A3602@palomine.net> References: <19991215050149.A3602@palomine.net> <4.2.2.19991214112940.01c3d5b8@mail.myable.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19991215050149.A3602@palomine.net> Chris Johnson writes: : Of these, I'm using OpenSSH, openssl, and pipsecd. It seems to me that all of : these link rsaref dynamically, and that therefore I should need only to rebuild : rsaref to ensure my safety. Can someone say definitively whether this is the : case? And if so, why do I keep seeing these messages telling me I need to : rebuild anything that depends on the rsaref port? Also, was the fix that was : applied to the ssh port also applied to the OpenSSH port? I listed all the ports that used the rsaref port as ones to rebuild. It is the only way to be sure, even though not all ports that use it are vulnerable. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912151816.LAA62258>