freebsd security - Sep 2007 - OpenSSL bufffer overflow

I did not see any commits to the OpenSSL code, recently; is anybody
going to commit the fix?

See http://www.securityfocus.com/archive/1/480855/30/0 for details ...

Regards, STefan

Stefan Esser wrote:
> I did not see any commits to the OpenSSL code, recently; is anybody
> going to commit the fix?
> 
> See http://www.securityfocus.com/archive/1/480855/30/0 for details ...
> 
> Regards, STefan
Hello Stefan,

We are aware of the situation and have this on our todo list.

Thanks,
Remko

-- 
Kind regards,

     Remko Lodder               ** remko@elvandar.org
     FreeBSD                    ** remko@FreeBSD.org

     /* Quis custodiet ipsos custodes */

At 05:43 PM 9/28/2007, Stefan Esser wrote:
>I did not see any commits to the OpenSSL code, recently; is anybody
>going to commit the fix?
>
>See http://www.securityfocus.com/archive/1/480855/30/0 for details ...
How serious is this particular issue ? Is it easily exploitable, or 
difficult to do ?  Are some apps more at risk of exploitation than 
others ? e.g. ssh,apache ?

         ---Mike

>Regards, STefan
>_______________________________________________
>freebsd-security@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to
"freebsd-security-unsubscribe@freebsd.org"