Date: Thu, 18 Mar 2004 14:33:10 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: "Andrew L. Neporada" <andr@dgap.mipt.ru> Cc: freebsd-security@freebsd.org Subject: Re: latest openssl vulnerability Message-ID: <20040318203310.GA51002@madman.celabo.org> In-Reply-To: <20040318201727.GA14840@nas.dgap.mipt.ru> References: <20040318201727.GA14840@nas.dgap.mipt.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 18, 2004 at 11:17:27PM +0300, Andrew L. Neporada wrote: > Is it true that (dynamic) binaries are vulnerable if and only if they are > linked with libssl.so.3, not with libcrypt or libcrypto? Yes, the bug is in libssl. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040318203310.GA51002>