WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: openssl  (Read 2625 times)

Offline solorin

  • Full Member
  • ***
  • Posts: 184
openssl
« on: May 06, 2012, 02:57:30 PM »
Heads up!
Latest update of openssl has important security fixes.
http://www.openssl.org/news/changelog.html

cheerio,
solorin
. . . if you don't know, now you know. . .
        ----- R.I.P. Biggie Smalls -----

Offline netnomad

  • Hero Member
  • *****
  • Posts: 1026
Re: openssl & openssh
« Reply #1 on: May 07, 2012, 01:28:12 AM »
hi solorin,

i agree... in that context openssh should be also considered.
the openssh-version of the repository is outdated and probably vulnerable:

tinycore-openssh.tcz:

      2010/03/25 Fixed bug in init script
      2010/04/04 Bumped to 5.4p1
            Rebuilt against openssl-0.9.8(n)
       2010/06/21 Bumped to 5.5p1
            Rebuilt against openssl-0.9.8(o)
Current:   2011/02/18 Bumped to 5.8p1
            Rebuilt against openssl-0.9.8(p)

Release History of openssh:

    OpenSSH 6.0: April 22, 2012
    OpenSSH 5.9: September 6, 2011
    OpenSSH 5.8: February 4, 2011

essential packages should be so current as possible.

thank you for your contribution.
« Last Edit: May 07, 2012, 01:34:39 AM by netnomad »

Offline Jason W

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 9730
Re: openssl
« Reply #2 on: May 07, 2012, 09:43:52 AM »
I'll aim to update openssl-1.0.0 to the i patchlevel hopefully today. 

Offline Jason W

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 9730
Re: openssl
« Reply #3 on: May 07, 2012, 10:23:55 AM »
Done