
OpenSSL Vulnerabilities

 
Usman
Advisor

OpenSSL Vulnerabilities

Recently 4 vulnerabilities have surfaced in OpenSSL version 0.9.6e and below. HP Apache-based web server 1.3.26 also comes bundled with OpenSSL 0.9.6c. HP has not announced any patch or alternative. Can anyone tell when we should expect a patch?
harry d brown jr
Honored Contributor

Re: OpenSSL Vulnerabilities


In this case, HP does NOT own OpenSSL, but they have "ported" 9.6d.

http://hpux.connect.org.uk/hppd/hpux/Languages/openssl-0.9.6d/

If you need 9.6e or higher, then you could download the source and compile it.

live free or die
harry
Live Free or Die
Usman
Advisor

Re: OpenSSL Vulnerabilities

I obviously know that HP has ported OpenSSL. However, it is a requirement to offer patches when one is supporting an application. HP also does not own Apache or BIND but offers patches for them whenever there is a vulnerability, and that is what we are looking for in this case.
Sridhar Bhaskarla
Honored Contributor

Re: OpenSSL Vulnerabilities

Hi,

This is what we do. We download source code from openssl.org or openssh.com, compile and bundle them into packages. It is a bit tedious. This way you don't have to wait for HP to release its bundles.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Berlene Herren
Honored Contributor

Re: OpenSSL Vulnerabilities

Perhaps this can address some of the vulnerabilities...

http://www.kb.cert.org/vuls/id/JARL-55APFF

Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm