SSL Update due to Security Advisory
Ian G Batten
I.G.Batten at ftel.co.uk
Mon Feb 24 07:10:37 EST 2003
On Mon, 24 Feb 2003, Peter Lawler wrote:
> For those who may have missed it,
> http://www.openssl.org/news/secadv_20030219.txt
As a datapoint, although I could compile Cyrus against OpenSSL 0.9.7a
and it appeared to work for imaps, both apache 1.3.27 and sendmail
8.12.7 didn't work correctly (coredump in EWP_update or something).
I've backed out to OpenSSL 0.9.6i which fixes the vulnerability and also
works with all the packages I need to link against.
ian
More information about the Info-cyrus
mailing list