Tiny Core Linux

Tiny Core Extensions => TCE Talk => Extension requests => Topic started by: solorin on May 06, 2012, 02:57:30 PM

Title: openssl
Post by: solorin on May 06, 2012, 02:57:30 PM

Heads up!
Latest update of openssl has important security fixes.
http://www.openssl.org/news/changelog.html

cheerio,
solorin

Title: Re: openssl & openssh
Post by: netnomad on May 07, 2012, 01:28:12 AM

hi solorin,

i agree... in that context openssh should be also considered.
the openssh-version of the repository is outdated and probably vulnerable:

tinycore-openssh.tcz:

      2010/03/25 Fixed bug in init script
      2010/04/04 Bumped to 5.4p1
            Rebuilt against openssl-0.9.8(n)
       2010/06/21 Bumped to 5.5p1
            Rebuilt against openssl-0.9.8(o)
Current:   2011/02/18 Bumped to 5.8p1
            Rebuilt against openssl-0.9.8(p)

Release History of openssh:

    OpenSSH 6.0: April 22, 2012
    OpenSSH 5.9: September 6, 2011
    OpenSSH 5.8: February 4, 2011

essential packages should be so current as possible.

thank you for your contribution.

Title: Re: openssl
Post by: Jason W on May 07, 2012, 09:43:52 AM

I'll aim to update openssl-1.0.0 to the i patchlevel hopefully today. 

Title: Re: openssl
Post by: Jason W on May 07, 2012, 10:23:55 AM

Done