1 |
On Fri, 19 Mar 2004 11:22:17 +0100 |
2 |
Marc Ballarin <Ballarin.Marc@×××.de> wrote: |
3 |
|
4 |
|
5 |
> |
6 |
> However packages that statically include openssl ("static" useflag) |
7 |
> contain the version used at build time. Those packages will continue |
8 |
> working, but remain vulnerable unless rebuilt. |
9 |
|
10 |
Ok , so to be really annoying, this is the list of installed software |
11 |
that has the ssl use flag, which if any would need updating? Or how can |
12 |
I find out? |
13 |
|
14 |
dev-lang/python-2.3.3 |
15 |
net-misc/wget-1.9-r2 |
16 |
net-mail/fetchmail-6.2.3 |
17 |
dev-db/mysql-4.0.17 |
18 |
dev-libs/cyrus-sasl-2.1.14 |
19 |
net-nds/openldap-2.1.26 |
20 |
net-mail/postfix-2.0.19 |
21 |
net-libs/libwww-5.4.0-r2 |
22 |
net-libs/c-client-2002e-r2 |
23 |
dev-php/mod_php-4.3.4-r4 |
24 |
dev-php/php-4.3.4-r4 |
25 |
net-www/links-2.1_pre11 |
26 |
net-print/cups-1.1.20 |
27 |
net-mail/mutt-1.5.6 |
28 |
net-misc/ntp-4.1.2 |
29 |
net-fs/samba-2.2.8a |
30 |
net-www/lynx-2.8.4.1d-r1 |
31 |
|
32 |
>From that I wont bother about client only apps, wget fetchmail etc, but |
33 |
postfix, cyrus, mod-php, are all internet facing. |
34 |
I got this list from |
35 |
# emerge -epDv world | grep +ssl > sslthings.txt |