[arch-dev-public] Fw: OpenSSL 0.9.8e has serious bug

Tom K tom at archlinux.org
Wed Apr 25 07:59:53 EDT 2007

Tom K wrote:
> David Rosenstrauch wrote:
>> So I think the fix is fine.  Only caveat is that, like Valient said, 
>> anyone who's created any encrypted directories using the broken version 
>> will need to whack them and start again.  You might want to reference 
>> Valient's email and/or this Arch email thread 
>> (http://archlinux.org/pipermail/arch/2007-March/013924.html) in whatever 
>> communication you send about the issue.
>> Hope this helps.  Any further questions, or need me to do any more 
>> testing, please feel free to write back.
>> DR
> Many thanks for the comprehensive reply, David. I'm still waiting to 
> hear from Valient regarding his tests, but I'll put the fixed package 
> into testing anyway, with appropriate accompanying messages.
> T.

Hi Valient.

Just wondering if you had a chance to test this. I've had a positive
response from David and from mcover on the forum, and I have no reports
of regressions with this patch. However, it would be good to hear from
you too before I move it to current.


More information about the arch-dev-public mailing list