A few days ago there were serveram security-patches, however slackware-10.1 was not mention in the openssl-patch (SSA:2010-090-01).
Does this mean it is not vulnerable or is 10.1 End Off Lifetime?
I also noticed that the normal packages are not longer available on
Another question: is there a way to upgrade the version remotely? (so without going to runlevel 1).
I have still 7 server running on 10.1, and don't want to spent half a day in the noisy datacenter..
EDIT: Nevermind I have no idea what I'm talking about.
That Slackware patch fixed two security vulnerabilities in OpenSSL. However: CVE-2010-0740 does not affect the version of OpenSSL in Slackware 10.1, while CVE-2010-0433 only makes you vulnerable when you have Kerberos support compiled in but are not using it (Slackware does not use kerberos).
So, you are still safe.
|All times are GMT -5. The time now is 10:46 PM.|