EOL Slackware-10.1
A few days ago there were serveram security-patches, however slackware-10.1 was not mention in the openssl-patch (SSA:2010-090-01).
Does this mean it is not vulnerable or is 10.1 End Off Lifetime? I also noticed that the normal packages are not longer available on ftp://ftp.slackware.com/pub/slackwar...0.1/slackware/ Another question: is there a way to upgrade the version remotely? (so without going to runlevel 1). I have still 7 server running on 10.1, and don't want to spent half a day in the noisy datacenter.. |
EDIT: Nevermind I have no idea what I'm talking about.
|
That Slackware patch fixed two security vulnerabilities in OpenSSL. However: CVE-2010-0740 does not affect the version of OpenSSL in Slackware 10.1, while CVE-2010-0433 only makes you vulnerable when you have Kerberos support compiled in but are not using it (Slackware does not use kerberos).
So, you are still safe. Eric |
All times are GMT -5. The time now is 05:23 PM. |